11.21 Apache访问日志

访问日志目录概要

  • 访问日志记录用户的每一个请求
  • vim /usr/local/apache2.4/conf/httpd.conf //搜索LogFormat
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common 
  • 把虚拟主机配置文件改成如下:
 <VirtualHost *:80>
    DocumentRoot "/data/wwwroot/www.123.com"
    ServerName www.123.com
    ServerAlias 123.com
    CustomLog "logs/123.com-access_log" combined
</VirtualHost>
  • 重新加载配置文件 -t,graceful
  • curl -x127.0.0.1:80 -I 123.com
  • tail /usr/local/apache2.4/logs/123.com-access_log

访问日志

  • 访问日志,就是在浏览器中输入网址,每一次访问,每一次请求,都会生成一个日志
  • 查看apache2.4的日志
[root@hf-01 ~]# ls /usr/local/apache2.4/logs/
111.com-access_log  abc.com-access_log  access_log  httpd.pid
111.com-error_log   abc.com-error_log   error_log
[root@hf-01 ~]# 
  • 查看111.com访问日志
    • 日志里面的HEAD都是curl命令导致的
    • 日志里面的GET就是不加 -I参数的,在加上-I只会输出状态码,并不会把内容GET下来
    • 日志里面包含 来源的IP,时间 , 行为 ,访问的域名 , HTTP的版本1.1 ,状态码 , 大小
[root@hf-01 ~]# ls /usr/local/apache2.4/logs/111.com-access_log 
/usr/local/apache2.4/logs/111.com-access_log
[root@hf-01 ~]# cat !$
cat /usr/local/apache2.4/logs/111.com-access_log
127.0.0.1 - - [20/Dec/2017:23:29:53 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - - [20/Dec/2017:23:34:22 +0800] "HEAD HTTP://111.com HTTP/1.1" 401 -
127.0.0.1 - - [20/Dec/2017:23:36:57 +0800] "GET HTTP://111.com HTTP/1.1" 401 381
192.168.202.1 - - [20/Dec/2017:23:42:35 +0800] "GET /favicon.ico HTTP/1.1" 401 381
192.168.202.1 - - [20/Dec/2017:23:42:35 +0800] "GET / HTTP/1.1" 401 381
192.168.202.1 - - [20/Dec/2017:23:42:52 +0800] "GET / HTTP/1.1" 401 381
192.168.202.1 - - [20/Dec/2017:23:48:41 +0800] "GET / HTTP/1.1" 401 381
192.168.202.1 - hanfeng [20/Dec/2017:23:49:04 +0800] "GET / HTTP/1.1" 200 7
127.0.0.1 - hanfeng [20/Dec/2017:23:57:06 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - hanfeng [20/Dec/2017:23:59:16 +0800] "HEAD HTTP://111.com HTTP/1.1" 401 -
127.0.0.1 - hanfeng [21/Dec/2017:00:19:07 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - hanfeng [21/Dec/2017:00:19:21 +0800] "GET HTTP://111.com HTTP/1.1" 200 7
127.0.0.1 - - [21/Dec/2017:00:19:37 +0800] "GET HTTP://111.com HTTP/1.1" 200 7
127.0.0.1 - - [21/Dec/2017:00:19:41 +0800] "GET HTTP://111.com HTTP/1.1" 200 7
127.0.0.1 - - [21/Dec/2017:00:24:13 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - - [21/Dec/2017:00:25:42 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 401 -
127.0.0.1 - hanfeng [21/Dec/2017:00:27:11 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
127.0.0.1 - hanfeng [21/Dec/2017:00:27:43 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 155
127.0.0.1 - hanfeng [21/Dec/2017:00:29:05 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
127.0.0.1 - hanfeng [21/Dec/2017:00:52:40 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
192.168.202.130 - - [21/Dec/2017:21:07:37 +0800] "HEAD HTTP://2111.com.cn HTTP/1.1" 301 -
[root@hf-01 ~]# 

定义日志文件格式

  • 上面输出的日志太过简单,不是我们所需要的日志格式,日志其实可以自定义格式的
  1. 打开主配置文件
  • 默认使用的是common
  • %h,来源IP
  • %l,用户
  • %u,用户名和密码
  • %t,时间
  • %r,行为和网站
  • %>s,网站状态码
  • %b,页面大小
  • {Referer}i 表示访问页面的上一个所访问的页面
  • %{User-Agent}i 表示用户代理,是通过浏览器访问,还是curl命令访问,最终获得网站的内容,浏览器就是用户代理
[root@hf-01 ~]# vim /usr/local/apache2.4/conf/httpd.conf ——>不更改信息

搜索 /LogFormat ,看到的就是文件格式,这里提供了两个文件的格式,默认使用的是common

     LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
  1. 打开虚拟机配置文件
[root@hf-01 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf

未更改前
<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/abc.com"
    ServerName abc.com
    ServerAlias www.abc.com www.123.com
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com  2111.com.cn
   # <Directory /data/wwwroot/111.com> 
   # <FilesMatch 123.php>
   #     AllowOverride AuthConfig
   #     AuthName "111.com user auth"
   #     AuthType Basic
   #     AuthUserFile /data/.htpasswd
   #     require valid-user
   # </FilesMatch>
    #</Directory>
   <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTP_HOST} !^111.com$
        RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" common
</VirtualHost>

更改后,将common 改为 combined 

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/abc.com"
    ServerName abc.com
    ServerAlias www.abc.com www.123.com
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/data/wwwroot/111.com"
    ServerName 111.com
    ServerAlias www.example.com  2111.com.cn
   # <Directory /data/wwwroot/111.com> 
   # <FilesMatch 123.php>
   #     AllowOverride AuthConfig
   #     AuthName "111.com user auth"
   #     AuthType Basic
   #     AuthUserFile /data/.htpasswd
   #     require valid-user
   # </FilesMatch>
    #</Directory>
   <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTP_HOST} !^111.com$
        RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
    ErrorLog "logs/111.com-error_log"
    CustomLog "logs/111.com-access_log" combined
</VirtualHost>
  1. 检查配置文件是否存在语法错误,并重启配置文件
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@hf-01 ~]# 
  1. 使用curl命令访问网址
[root@hf-01 ~]# curl -x192.168.202.150:80 http://111.com123.php -I
HTTP/1.1 200 OK
Date: Thu, 21 Dec 2017 13:50:10 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8

[root@hf-01 ~]# 
  1. 再用浏览器访问下网址
  1. 查看日志文件
  • 会看到日志文件丰富了
[root@hf-01 ~]# tail !$
tail /usr/local/apache2.4/logs/111.com-access_log
127.0.0.1 - - [21/Dec/2017:00:24:13 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - - [21/Dec/2017:00:25:42 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 401 -
127.0.0.1 - hanfeng [21/Dec/2017:00:27:11 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
127.0.0.1 - hanfeng [21/Dec/2017:00:27:43 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 155
127.0.0.1 - hanfeng [21/Dec/2017:00:29:05 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
127.0.0.1 - hanfeng [21/Dec/2017:00:52:40 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
192.168.202.130 - - [21/Dec/2017:21:07:37 +0800] "HEAD HTTP://2111.com.cn HTTP/1.1" 301 -
192.168.202.130 - - [21/Dec/2017:21:51:25 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.202.1 - - [21/Dec/2017:21:51:32 +0800] "GET /123.php HTTP/1.1" 200 7 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.221 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.202.130 - - [21/Dec/2017:21:55:08 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
[root@hf-01 ~]# 
  1. 测试{Referer}i ,在论坛新建一个笔记,测试网址,加入自己的测试链接,并在日志中打开自己的测试链接
  2. 再来查看日志文件,会看到生成了{Referer}i
[root@hf-01 ~]# tail -5 /usr/local/apache2.4/logs/111.com-access_log
192.168.202.130 - - [21/Dec/2017:21:07:37 +0800] "HEAD HTTP://2111.com.cn HTTP/1.1" 301 -
192.168.202.130 - - [21/Dec/2017:21:51:25 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.202.1 - - [21/Dec/2017:21:51:32 +0800] "GET /123.php HTTP/1.1" 200 7 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.221 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.202.130 - - [21/Dec/2017:21:55:08 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.202.1 - - [21/Dec/2017:22:04:27 +0800] "GET /123.php HTTP/1.1" 200 7 "http://ask.apelearn.com/question/17687" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.221 Safari/537.36 SE 2.X MetaSr 1.0"
[root@hf-01 ~]# 

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

相关文章

来自专栏运维小白

Linux基础(day44)

11.22 访问日志不记录静态文件 访问日志不记录指定类型的文件目录概要 网站大多元素为静态文件,如图片、css、js等,这些元素可以不用记录 把虚拟主机配置文...

25910
来自专栏小白课代表

Windows 10 让人不爽的骚操作之二!

有没有一丝丝的别扭?倒不是嫌弃这几个文件夹不好看或者不好用,单单这7个文件夹就让人受不了好叭(╯▽╰)

2833
来自专栏一个会写诗的程序员的博客

13.2 Spring Boot启动报错:Whitelabel Error Page13.2 Spring Boot启动报错:Whitelabel Error Page问题描述原因分析解决方案

首先,这个出错页面是SpringBoot的一个默认出错页面。源码在:org.springframework.boot.autoconfigure.web.ser...

1295
来自专栏battcn

一起来学SpringBoot | 第十三篇:RabbitMQ延迟队列

初探RabbitMQ消息队列中介绍了 RabbitMQ的简单用法,顺带提及了下延迟队列的作用。所谓 延时消息就是指当消息被发送以后,并不想让消费者立即拿到消息,...

3631
来自专栏运维小白

Linux基础(day43)

11.18 Apache用户认证 httpd的用户认证目录 vim /usr/local/apache2.4/conf/extra/httpd-vhosts.c...

2105
来自专栏Jaycekon

Spring-boot:快速搭建微框架服务

前言: Spring Boot是为了简化Spring应用的创建、运行、调试、部署等而出现的,使用它可以做到专注于Spring应用的开发,而无需过多关注XML的配...

53212
来自专栏皮皮之路

【Spring】Spring boot多数据源历险记

3886
来自专栏搜云库

Spring Boot 中使用 LogBack 配置

LogBack是一个日志框架,它与Log4j可以说是同出一源,都出自Ceki Gülcü之手。(log4j的原型是早前由Ceki Gülcü贡献给Apache基...

2.4K6
来自专栏皮皮之路

【Spring】Spring boot多数据源历险记

49416
来自专栏一个会写诗的程序员的博客

Spring Boot 使用 Zuul 开发 API GatewaySpring Boot 使用 Zuul 开发 API Gateway

Spring Boot 是构建单个微服务应用的理想选择,但是我们还需要以某种方式将它们互相联系起来。这就是 Spring Cloud Netflix 所要解决的...

1304

扫码关注云+社区

领取腾讯云代金券