在使用nginx記錄訪問日誌時,發現在含有request_body
的 PUT
,POST
請求時,日誌中會含有 \x22
\x9B
\x5C
\x09
\x08
字符,不利於閱讀和處理。
具體 支持request_body
的http method參見 http1.1定義 9 Method Definitions 和 Payloads of HTTP Request Methods
nginx.conf
默認access_log 配置
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"' '$http_host $upstream_status $upstream_addr $request_time $upstream_response_time';複製代碼
改成
log_format json_log escape=json '{"realip":"$remote_addr","@timestamp":"$time_iso8601","host":"$http_host","request":"$request","req_body":"$request_body","status":"$status","size":$body_bytes_sent,"ua":"$http_user_agent","cookie":"$http_cookie","req_time":"$request_time","uri":"$uri","referer":"$http_referer","xff":"$http_x_forwarded_for","ups_status":"$upstream_status","ups_addr":"$upstream_addr","ups_time":"$upstream_response_time"}';
參考 How to generate a JSON log from nginx?
官方文檔ngx_http_log_module.html#log_format 注意,escape
是從1.11.8後新增的參數。
如果是老版本的,linux可以考慮使用shell
命令替換,logstash
可以考慮使用ruby
處理 ,參考 Optionally support handling of \x escape codes
作者:趙安家
鏈接:https://juejin.im/post/5949e0f7128fe1006a627cc0
來源:掘金
著作權歸作者所有。商業轉載請聯繫作者獲得授權,非商業轉載請註明出處。