Nginxdevops~5 mins

Why logging tracks server behavior in Nginx - Why It Works

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Logging helps you see what your server is doing. It records requests and errors so you can find problems and understand traffic.

When you want to know if your website is receiving visitors and what pages they visit

When you need to find out why your server is slow or crashing

When you want to keep a record of errors to fix bugs later

When you want to monitor security by tracking suspicious requests

When you want to analyze traffic patterns to improve your site

Config File - nginx.conf

nginx.conf

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;

    server {
        listen 80;
        server_name example.com;

        location / {
            root /usr/share/nginx/html;
            index index.html index.htm;
        }
    }
}

This file sets up nginx to log errors and access requests.

error_log records server errors to help find problems.

log_format defines how each request is recorded with details like IP, time, request, and user agent.

access_log saves all requests using the defined format.

Commands

Check if the nginx configuration file is valid before restarting the server.

Terminal

sudo nginx -t

Expected OutputExpected

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

Restart nginx to apply the new logging configuration.

Terminal

sudo systemctl restart nginx

Expected OutputExpected

No output (command runs silently)

Show the last 5 lines of the access log to see recent requests recorded by nginx.

Terminal

tail -n 5 /var/log/nginx/access.log

Expected OutputExpected

192.168.1.10 - - [27/Apr/2024:14:22:01 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" 192.168.1.11 - - [27/Apr/2024:14:22:05 +0000] "GET /about.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)" 192.168.1.12 - - [27/Apr/2024:14:22:10 +0000] "POST /login HTTP/1.1" 302 512 "-" "Mozilla/5.0 (Linux; Android 9)" 192.168.1.13 - - [27/Apr/2024:14:22:15 +0000] "GET /dashboard HTTP/1.1" 200 4096 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_0 like Mac OS X)" 192.168.1.14 - - [27/Apr/2024:14:22:20 +0000] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"

Check the last 5 lines of the error log to find any recent server errors.

Terminal

tail -n 5 /var/log/nginx/error.log

Expected OutputExpected

2024/04/27 14:20:00 [warn] 1234#0: *1 an upstream response is buffered to a temporary file /var/cache/nginx/proxy_temp/1/00/0000000001 while reading upstream, client: 192.168.1.10, server: example.com, request: "GET /api/data HTTP/1.1", upstream: "http://127.0.0.1:8080/api/data", host: "example.com" 2024/04/27 14:21:00 [error] 1234#0: *2 open() "/usr/share/nginx/html/missing.html" failed (2: No such file or directory), client: 192.168.1.11, server: example.com, request: "GET /missing.html HTTP/1.1", host: "example.com"

Key Concept

If you remember nothing else from this pattern, remember: logging records what your server does so you can find problems and understand traffic.

Common Mistakes

Not restarting nginx after changing the logging settings

The new logging configuration will not take effect until nginx restarts.

Always run 'sudo systemctl restart nginx' after editing the config file.

Ignoring error logs and only checking access logs

Error logs contain important information about server problems that access logs do not show.

Check both access and error logs regularly to get a full picture.

Using incorrect log file paths in the configuration

Nginx will fail to write logs if the paths do not exist or have wrong permissions.

Ensure log file directories exist and nginx has permission to write there.

Summary

Edit nginx.conf to set up access and error logging with clear formats and file paths.

Test the configuration with 'nginx -t' to catch errors before restarting.

Restart nginx to apply logging changes and then check logs with 'tail' commands to monitor server behavior.