Bird
Raised Fist0
Nginxdevops~5 mins

Access log configuration in Nginx - Cheat Sheet & Quick Revision

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Recall & Review
beginner
What is the purpose of the access_log directive in nginx?
The access_log directive in nginx is used to specify the file where nginx will record details about each client request, such as IP address, request time, and response status.
Click to reveal answer
beginner
How do you disable access logging in an nginx server block?
You can disable access logging by setting access_log off; inside the server or location block.
Click to reveal answer
intermediate
What is the default format used by nginx for access logs?
The default format is called combined, which includes client IP, timestamp, request line, status code, bytes sent, referrer, and user agent.
Click to reveal answer
intermediate
How can you create a custom log format in nginx?
Use the log_format directive to define a custom format with variables, then reference it in the access_log directive.
Click to reveal answer
beginner
Where is the access log file typically located in a default nginx installation?
It is usually located at /var/log/nginx/access.log.
Click to reveal answer
Which directive in nginx controls where access logs are saved?
Aserver_log
Berror_log
Caccess_log
Dlog_format
How do you turn off access logging in nginx?
Aaccess_log off;
Blog_format off;
Cdisable_access_log;
Derror_log off;
What does the default nginx access log format include?
AOnly error messages
BOnly client IP and status code
COnly request method and URL
DClient IP, timestamp, request, status, bytes, referrer, user agent
Which directive allows defining a custom log format in nginx?
Alog_format
Baccess_log
Ccustom_log
Dformat_log
Where is the default nginx access log file usually stored?
A/etc/nginx/access.log
B/var/log/nginx/access.log
C/usr/local/nginx/logs/access.log
D/home/nginx/access.log
Explain how to configure a custom access log format in nginx and apply it.
Think about defining format first, then using it.
You got /3 concepts.
    Describe how to disable access logging for a specific server block in nginx.
    Focus on the access_log directive.
    You got /2 concepts.

      Practice

      (1/5)
      1. What is the main purpose of the access_log directive in nginx?
      easy
      A. To record details of every request made to the server
      B. To block unwanted IP addresses
      C. To restart the nginx service
      D. To configure server SSL certificates

      Solution

      1. Step 1: Understand the role of access logs

        Access logs keep track of every request made to the server, helping monitor traffic and troubleshoot issues.

      2. Step 2: Identify the function of access_log

        The access_log directive in nginx specifies where and how these request details are recorded.

      3. Final Answer:

        To record details of every request made to the server -> Option A

      4. Quick Check:

        Access logs = record requests [OK]
      Hint: Access logs always record requests, not block or restart [OK]
      Common Mistakes:
      • Confusing access_log with security or restart commands
      • Thinking access_log blocks IPs
      • Assuming access_log manages SSL
      2. Which of the following is the correct syntax to enable access logging to a file named /var/log/nginx/access.log with the default format?
      easy
      A. access_log /var/log/nginx/access.log off;
      B. access_log /var/log/nginx/access.log default;
      C. access_log /var/log/nginx/access.log main;
      D. access_log /var/log/nginx/access.log;

      Solution

      1. Step 1: Recall default access_log syntax

        The access_log directive requires the log file path and optionally a format. If no format is given, the default is used.

      2. Step 2: Analyze each option

        access_log /var/log/nginx/access.log main; uses 'main' which is predefined but different from the default 'combined'; access_log /var/log/nginx/access.log default; uses 'default' which is not a valid format name; access_log /var/log/nginx/access.log; correctly specifies only the file path, using default format implicitly; access_log /var/log/nginx/access.log off; disables logging with 'off'.

      3. Final Answer:

        access_log /var/log/nginx/access.log; -> Option D

      4. Quick Check:

        Default format = omit format name [OK]
      Hint: Omit format name to use default logging [OK]
      Common Mistakes:
      • Using invalid format names like 'default'
      • Adding 'off' disables logging
      • Using 'main' which is not the default format
      3. Given this nginx config snippet:
      access_log /var/log/nginx/access.log custom_format;
      log_format custom_format '$remote_addr - $remote_user [$time_local] "$request" $status';

      What will be logged for a request from IP 192.168.1.10 with user 'john' requesting GET /home and status 200?
      medium
      A. john - 192.168.1.10 [time] "GET /home" 200
      B. 192.168.1.10 - john [time] "GET /home" 200
      C. 192.168.1.10 - - [time] "GET /home" 200
      D. 192.168.1.10 john [time] GET /home 200

      Solution

      1. Step 1: Understand the log_format string

        The format is: $remote_addr - $remote_user [$time_local] "$request" $status. This means IP, dash, username, time, request in quotes, and status code.

      2. Step 2: Substitute values from the request

        IP is 192.168.1.10, user is 'john', request is 'GET /home', status is 200. Time is shown as [time] placeholder.

      3. Final Answer:

        192.168.1.10 - john [time] "GET /home" 200 -> Option B

      4. Quick Check:

        Format matches IP - user [time] "request" status [OK]
      Hint: Match variables exactly as in log_format string [OK]
      Common Mistakes:
      • Mixing order of IP and user
      • Omitting dashes or quotes
      • Confusing $remote_user with $remote_addr
      4. You configured access_log /var/log/nginx/access.log combined; but no logs appear. What is the most likely error?
      medium
      A. The 'combined' log format is not defined in nginx config
      B. The log file path is incorrect
      C. The access_log directive disables logging by default
      D. Nginx does not support custom log formats

      Solution

      1. Step 1: Understand the 'combined' format usage

        'combined' is a common log format but must be defined with log_format directive in nginx config before use.

      2. Step 2: Analyze why logs don't appear

        If 'combined' is not defined, nginx ignores the logging directive or fails silently, so no logs are written.

      3. Final Answer:

        The 'combined' log format is not defined in nginx config -> Option A

      4. Quick Check:

        Undefined format = no logs [OK]
      Hint: Define custom formats before using them in access_log [OK]
      Common Mistakes:
      • Assuming 'combined' is built-in by default
      • Ignoring file permission issues
      • Thinking access_log disables logging by default
      5. You want to log only requests with status code 400 or higher to /var/log/nginx/error_access.log and all requests to the default access log. Which configuration snippet achieves this?
      hard
      A. access_log /var/log/nginx/access.log; access_log /var/log/nginx/error_access.log combined if=$status > 399;
      B. access_log /var/log/nginx/access.log; access_log /var/log/nginx/error_access.log combined if=$status >= 400;
      C. map $status $log_error { ~^[4-9] 1; default 0; } access_log /var/log/nginx/access.log; access_log /var/log/nginx/error_access.log combined if=$log_error;
      D. access_log /var/log/nginx/access.log; access_log /var/log/nginx/error_access.log combined if=$status eq 400;

      Solution

      1. Step 1: Understand conditional logging in nginx

        nginx supports conditional logging using the if= parameter with variables and expressions.

      2. Step 2: Use a map to create a variable for status >= 400

        Direct comparisons like '$status >= 400' are not supported in if=. Instead, a map is used to set a variable $log_error to 1 for status codes 400 and above.

      3. Step 3: Apply conditional logging using the variable

        Use if=$log_error in the access_log directive to log only those requests.

      4. Final Answer:

        map $status $log_error { ~^[4-9] 1; default 0; } access_log /var/log/nginx/access.log; access_log /var/log/nginx/error_access.log combined if=$log_error; -> Option C

      5. Quick Check:

        Conditional logging requires map + if= variable [OK]
      Hint: Use map to create condition variable for logging [OK]
      Common Mistakes:
      • Trying to use direct comparison in if= condition
      • Not defining a map for conditional logging
      • Expecting nginx to parse expressions in if= directly