In this article, we will elaborate on how to configure and view Nginx Logs in Ubuntu 20.04 system to monitor the application activities.
There are two types of logs where recorded events in Nginx one is the access log, and the other is the error log. If you have already enabled these logs in the Nginx core configuration file then, you can find both types of logs in /var/log/nginx in all Linux distributions.
Nginx Access log
All activities related to site visitors are recorded in the access logs. In this type of log, you can find those files which are recently accessed, how the Nginx responded to a client request, client IP addresses, what browser a client is using, and more. By using the information of the access log, you can monitor the traffic to find site usage over time. If you monitor the access logs properly, then you can easily find some unusual requests which are sent by a user to check the flaws in the deployed application.
Enable the Nginx Access log
The access log you can enable with the access_log directive either in the server section or in HTTP.
The first argument, ‘log_file’ is compulsory, whereas the second argument is optional, ‘log_format’. If you do not mention log format, then logs will be typed in the default combined format.
The access log is defined by default in the Nginx configuration file. So, all virtual host’s access logs will be stored in the same configuration file.
It is recommended to set apart the access logs of all virtual hosts by recording into a new separate file.
...
...
access_log /var/log/nginx/access.log;
server {
listen 80;
Server_name example.com
access_log /var/log/nginx/example.access.log;
...
...
}
}
Reload the new NGINX configurations. Now, you can visit the access logs for the example.com domain in the file /var/log/nginx/example.access.log, by using the following command:
Customize format in the Access log
Let’s explain an example to define a custom access log format. By default, the access log is recorded in a combined log format. Therefore, you can extend the predefined format with the value of gzip response for compression ratio.
log_format custom '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$gzip_ratio"';
server {
gzip on;
...
access_log /var/log/nginx/example.access.log custom;
...
}
}
Once you have made all changes in the configuration of Nginx, reload the Nginx and then run the tail command to display the gzip ratio at the end of the event log.
NGINX error log
If NGINX is suddenly stopped running or not working properly, it will record all events in the error log. Therefore, using the error logs, you can find more details. It also records warnings, but it cannot identify a problem that has occurred.
Enable error log
The following syntax of error_log directive:
In the above syntax, the first argument represents the log file path, and the second argument identifies the security level of the log event.
We have mentioned an example below in which performing overriding in error_log directive in the server context.
When you are required to disable the error log, assign the name of the log file to /dev/null.
error_log /dev/null;
Nginx Security Level of Error log
The following security level you can use in the error log:
- emerg: When your system is unstable, used for emergency messages
- alert: Generate alert messages of serious problems.
- crit: Used for Critical issues for immediately dealing.
- error: While processing a page, an error may occur.
- warn: Used for a warning message
- notice: Notice log that you can also ignore.
- info: For information, messages
- debug: Points the error location used for debugging information.
Conclusion
Nginx access and error logs are useful for recording certain activities. We have learned how we can enable and view these types of Nginx logs on our Linux system. That’s all about the Nginx logs.
