Separate Nginx access log file for certain requests only

blocking request ubuntu nginx logging
13,600

Solution 1

cjc put me on the right track. Using access_log in an if statement by itself is not possible (You get a nginx: [emerg] "access_log" directive is not allowed here error). So the workaround is as follows:

if ($http_user_agent ~* (crawler) ) {
  set $crawler 'yes';
}
location ~ .* {
  if ($crawler = 'yes') {
    access_log /var/log/nginx/blockedbots.log;
    return 200;
    }
}

Solution 2

access_log supports if:

(access_log path [format [buffer=size [flush=time]] [if=condition]];)

access_log /var/.... if $crawler;

Source:

http://nginx.org/en/docs/http/ngx_http_log_module.html

Solution 3

You should be able to put an access_log directive inside an if block, according to the documentation:

http://wiki.nginx.org/HttpLogModule

So, you should be able to do something like:

if ($http_user_agent ~* (crawler) ) {
   access_log /path/to/other/log/file ;
}
Share:
13,600

Related videos on Youtube

Max
Author by

Max

Analytics consultant available for hire. More info: https://maxcorbeau.com

Updated on September 18, 2022

Comments

  • Max
    Max over 1 year

    As far as I can see Nginx supports by default 2 log files: error_log (tracks issues related to the Nginx server itself) and access_log (tracks requests processed by Nginx). Whilst it is possible to control the format of access_log with the log_format directive, I have been unsuccessful at finding a way of logging only certain requests to a separate file, and therefore would like to ask the question on SF as a reference for future readers:

    Is there a way to log certain requests to a different log file than the one defined by access_log?

    FYI the reason behind this question is that I have a rule that denies access to unwanted crawlers with a 200 (because 403 would give them a hint that they're being blocked), and filtering those requests out of the access_log becomes more difficult.

  • Xeoncross
    Xeoncross over 9 years
    Um, isn't this an access log inside an if statement..?
  • Xeoncross
    Xeoncross over 9 years
    Yep, the doc says that you can use Context: http, server, location, **if in location**, limit_except
  • Oliver
    Oliver over 6 years
    This is the cleaner solution as of NGINX 1.7.0.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Nginx writing separately to two different logs
How do erase the contents of a error.log file but keep the file intact
How to share nginx log's without sudo to another user?
nginx logging to access.log.1 instead of access.log, logrotate failing?
How to limit nginx access log file size and compress?
Pm2 process stops running
PHP-FPM + Laravel + Nginx + Ubuntu permission
"upstream prematurely closed connection while reading response header from upstream" with nginx, PostgreSQL and Mono on Ubuntu MVC4 app
What are the correct permissions for my site that is now served by NginX?
log rotation for nginx on windows