K
K
Kirill_Ulyanov2021-09-08 09:42:55
Nginx
Kirill_Ulyanov, 2021-09-08 09:42:55

Why doesn't nginx write access log to /var/log/nginx?

Hello!

There is an Nginx configuration, within which the access log should be written in 2 files:
* Main site log file of the form /var/www/httpd-logs/site_address.access.log
* General log /var/log/nginx/access.log

B data is written to the main log, but not to access.log. Strace of nginx processes does not show any calls related to logging at all (maybe I just don’t know how to use it)

At the same time, data is written to /var/log/nginx/error.log, so there are no problems with rights:

/var/log/nginx# ls -al 
total 12
drwxr-xr-x  2 root adm    4096 Sep  8 09:41 .
drwxrwxr-x 14 root syslog 4096 Sep  8 09:15 ..
-rw-r--r--  1 root root      0 Sep  8 09:41 access.log
-rw-r--r--  1 root root    136 Sep  8 09:41 error.log


Output of nginx -V

nginx version: nginx/1.18.0 (Ubuntu)
built with OpenSSL 1.1.1f  31 Mar 2020
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-KTLRnK/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-compat --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-mail=dynamic --with-mail_ssl_module


nginx -T output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
load_module modules/ngx_pagespeed.so;
events {
  worker_connections 65535;
}
http {
  log_format main_host '$remote_addr - $remote_user [$time_local] $host $request '
                    '$status $body_bytes_sent "$http_referer" "$http_user_agent" '
                    '"$http_x_forwarded_for" $request_time-$upstream_response_time';
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout 65;
  types_hash_max_size 2048;
  include /etc/nginx/mime.types;
  default_type application/octet-stream;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
  ssl_prefer_server_ciphers on;
    pagespeed on;
    pagespeed FileCachePath /var/cache/nginx/pagespeed_temp;
  access_log /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;
  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-enabled/*;
  include /etc/nginx/vhosts/*/*.conf;
  client_max_body_size 256m;
  server {
    server_name localhost;
    root /var/www/html;
    error_page 403 /index.html;
    disable_symlinks if_not_owner;
    include /etc/nginx/vhosts-includes/*.conf;
    location = /basic_status {
      access_log off;
      stub_status;
      allow 127.0.0.1;
      allow ::1;
      deny all;
    }
    location ~ ^/(status|ping)$ {
      access_log off;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_index index.php;
      include fastcgi_params;
      fastcgi_pass unix:/var/run/php-fpm.www-data.sock;
                        allow 127.0.0.1;
      allow ::1;
      deny all;
    }
    location / {
      return 403;
    }
    location /index.html {
    }
    location @fallback {
      error_log /dev/null crit;
      proxy_pass http://127.0.0.1:8080;
      proxy_redirect http://127.0.0.1:8080 /;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      access_log off ;
    }
    listen 80 default_server;
    listen [::]:80 default_server;
  }
  server_names_hash_bucket_size 512;
  server_names_hash_max_size 512;

}
# configuration file /etc/nginx/modules-enabled/50-mod-http-image-filter.conf:
...
# configuration file /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf:
...
# configuration file /etc/nginx/modules-enabled/50-mod-mail.conf:
...
# configuration file /etc/nginx/modules-enabled/50-mod-stream.conf:
...
# configuration file /etc/nginx/mime.types:
...
# configuration file /etc/nginx/vhosts/www-root/default.local.conf:
server {
  server_name default.local www.default.local;
  charset off;
  index index.php index.html;
  disable_symlinks if_not_owner from=$root_path;
  include /etc/nginx/vhosts-includes/*.conf;
  include /etc/nginx/vhosts-resources/default.local/*.conf;
  ssi on;
  set $root_path /var/www/www-root/data/www/default.local;
  root $root_path;
  location / {
    location ~ [^/]\.ph(p\d*|tml)$ {
      try_files /does_not_exists @fallback;
    }
    location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
      try_files $uri $uri/ @fallback;
    }
    location / {
      try_files /does_not_exists @fallback;
    }
  }
  location @fallback {
    proxy_pass http://127.0.0.1:8080;
    proxy_redirect http://127.0.0.1:8080 /;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port $server_port;
    access_log off;
  }
  access_log /var/www/httpd-logs/default.local.access.log;
  error_log /var/www/httpd-logs/default.local.error.log notice;
  listen IPv4address:80;
  listen [IPv6address]:80;
}
server {
  server_name default.local www.default.local;
  ssl_certificate "/var/www/httpd-cert/www-root/default.local.crt";
  ssl_certificate_key "/var/www/httpd-cert/www-root/default.local.key";
  ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:!NULL:!RC4;
  ssl_prefer_server_ciphers on;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
  ssl_dhparam /etc/ssl/certs/dhparam4096.pem;
  charset off;
  index index.php index.html;
  disable_symlinks if_not_owner from=$root_path;
  include /etc/nginx/vhosts-includes/*.conf;
  include /etc/nginx/vhosts-resources/default.local/*.conf;
  ssi on;
  set $root_path /var/www/www-root/data/www/default.local;
  root $root_path;
  location / {
    location ~ [^/]\.ph(p\d*|tml)$ {
      try_files /does_not_exists @fallback;
    }
    location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
      try_files $uri $uri/ @fallback;
    }
    location / {
      try_files /does_not_exists @fallback;
    }
  }
  location @fallback {
    proxy_pass http://127.0.0.1:8080;
    proxy_redirect http://127.0.0.1:8080 /;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port $server_port;
    access_log off;
  }
  access_log /var/www/httpd-logs/default.local.access.log;
  error_log /var/www/httpd-logs/default.local.error.log notice;
  listen IPv4address:443 ssl http2;
  listen [IPv6address]:443 ssl http2;
}
# configuration file /etc/nginx/vhosts-includes/awstats-nginx.conf:
...
# configuration file /etc/nginx/vhosts-includes/blacklist-nginx.conf:
...
# configuration file /etc/nginx/vhosts-includes/disabled.conf:
...
# configuration file /etc/nginx/vhosts-includes/letsencrypt.conf:
...
# configuration file /etc/nginx/vhosts-includes/logging.conf:
access_log /var/log/nginx/access.log main_host;
# configuration file /etc/nginx/vhosts-includes/phpmyadmin-nginx.conf:
...
# configuration file /etc/nginx/fastcgi_params:
...
# configuration file /etc/nginx/vhosts-includes/roundcube-nginx.conf:
...
# configuration file /etc/nginx/vhosts-includes/secure.conf:
...

Answer the question

In order to leave comments, you need to log in

2 answer(s)
K
Kirill_Ulyanov, 2021-09-08
@Kirill_Ulyanov

The issue was resolved by myself. Requests are proxied to Apache

location @fallback {
    proxy_pass http://127.0.0.1:8080;
    proxy_redirect http://127.0.0.1:8080 /;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port $server_port;
    access_log off;
  }

and request logging is disabled there (hello, ISP!)

D
Danil Gorev, 2021-09-08
@ketovv

access_log /var/log/nginx/access.log; it is better to specify inside the server where you want to write logs from, conditionally:

server {
  access_log /var/log/nginx/access.log;
}

Well, for good, put all this into different configurations in /etc/nginc/conf.d, for each of the sites its own.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question