Nginxdevops~5 mins

Log format customization in Nginx - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Sometimes default logs do not show all the details you need. Customizing log format lets you choose exactly what information to record about each web request. This helps you understand traffic and troubleshoot issues better.

When you want to log the client IP, request time, and user agent in a specific order.

When you need to add extra details like request length or response status to your logs.

When you want to create logs that are easier to read or parse by other tools.

When you want to separate logs by format for different parts of your website.

When you want to reduce log size by excluding unnecessary information.

Config File - nginx.conf

nginx.conf

http {
    log_format custom_format '$remote_addr - $remote_user [$time_local] '
                             '"$request" $status $body_bytes_sent '
                             '"$http_referer" "$http_user_agent"';

    access_log /var/log/nginx/access.log custom_format;

    server {
        listen 80;
        server_name example.com;

        location / {
            root /usr/share/nginx/html;
            index index.html;
        }
    }
}

The log_format directive defines a new log format named custom_format. It specifies which variables to include and their order.

The access_log directive tells Nginx to use this custom format when writing logs to /var/log/nginx/access.log.

The server block defines a simple web server listening on port 80.

Commands

Check the Nginx configuration file for syntax errors before applying changes.

Terminal

sudo nginx -t

Expected OutputExpected

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

Reload Nginx to apply the new log format without stopping the server.

Terminal

sudo systemctl reload nginx

Expected OutputExpected

No output (command runs silently)

View the last 3 lines of the access log to verify the new log format is in use.

Terminal

tail -n 3 /var/log/nginx/access.log

Expected OutputExpected

192.168.1.10 - - [27/Apr/2024:14:22:10 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" 192.168.1.11 - - [27/Apr/2024:14:22:15 +0000] "GET /style.css HTTP/1.1" 200 2048 "http://example.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)" 192.168.1.12 - - [27/Apr/2024:14:22:20 +0000] "POST /submit HTTP/1.1" 404 512 "http://example.com/form" "Mozilla/5.0 (Linux; Android 10)"

Key Concept

If you remember nothing else from this pattern, remember: defining a custom log format lets you control exactly what details Nginx records about each request.

Common Mistakes

Forgetting to reload Nginx after changing the log format.

Nginx continues using the old log format until reloaded, so changes have no effect.

Always run 'sudo systemctl reload nginx' after editing the configuration.

Using incorrect variable names in the log_format directive.

Nginx will fail to start or ignore the log format if variables are invalid.

Use only valid Nginx variables like $remote_addr, $status, $http_user_agent.

Not testing the configuration syntax before reloading.

Syntax errors can cause Nginx to fail to reload, leading to downtime.

Always run 'sudo nginx -t' to verify configuration before reload.

Summary

Define a custom log format in the nginx.conf file using the log_format directive.

Apply the custom format to the access log with the access_log directive.

Test the configuration syntax with 'nginx -t' and reload Nginx to apply changes.

Check the access log to confirm the new format is being used.