【CentOS7架构9】,Apache访问日志#171221-成都快上网建站

【CentOS7架构9】,Apache访问日志#171221

hellopasswd

让客户满意是我们工作的目标,不断超越客户的期望值来自于我们对这个行业的热爱。我们立志把好的技术通过有效、简单的方式提供给客户,将通过不懈努力成为客户在信息化领域值得信任、有价值的长期合作伙伴,公司提供的服务项目有:域名注册、网络空间、营销软件、网站建设、博爱网站维护、网站推广。

Apache访问日志 访问日志记录用户的每一个请求 vi /usr/local/apache2.4/conf/httpd.conf LogFormat "%h %I %u %t "%r" %>s %b "%{Referer}i""%{User-Agent}i""combined LogFormat "%h %I %u %t "%r" %>s %b "common 将虚拟主机配置文件改成如下: DocumentRoot "/data/wwwroot/www.111.com" ServerName www.111.com ServerAlias 111.com Customlog "logs/111.com-access_log"combined 重新加载配置文件-t,graceful curl -x 127.0.0.1:80 -I 111.com tail /usr/local/apache2.4/logs/111.com-access_log

[root@localhost ~]# ls /usr/local/apache2.4/logs/ 111.com-access_log abc.com-access_log access_log httpd.pid 111.com-error_log abc.com-error_log error_log [root@localhost ~]# cat /usr/local/apache2.4/logs/111.com-access_log 192.168.9.134 - - [04/Nov/2017:10:12:12 +0800] "GET HTTP://www.example.com HTTP/1.1" 200 13 192.168.9.134 - - [04/Nov/2017:10:13:11 +0800] "GET HTTP://111.com HTTP/1.1" 200 13 127.0.0.1 - - [04/Nov/2017:12:09:20 +0800] "GET HTTP://111.com HTTP/1.1" 401 381 127.0.0.1 - - [04/Nov/2017:12:10:05 +0800] "HEAD HTTP://111.com HTTP/1.1" 401 - 192.168.9.1 - - [04/Nov/2017:12:12:24 +0800] "GET /favicon.ico HTTP/1.1" 401 381 192.168.9.1 - - [04/Nov/2017:12:12:25 +0800] "GET / HTTP/1.1" 401 381 192.168.9.1 - - [04/Nov/2017:12:12:25 +0800] "GET / HTTP/1.1" 401 381 192.168.9.1 - user [04/Nov/2017:12:13:36 +0800] "GET / HTTP/1.1" 200 13 127.0.0.1 - user [04/Nov/2017:12:15:43 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 - 127.0.0.1 - user [04/Nov/2017:12:15:48 +0800] "GET HTTP://111.com HTTP/1.1" 200 13 192.168.9.1 - - [04/Nov/2017:12:29:11 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.9.1 - user [04/Nov/2017:12:29:16 +0800] "GET /user.php HTTP/1.1" 200 10 192.168.9.1 - user [04/Nov/2017:12:29:22 +0800] "GET /user.php HTTP/1.1" 200 10 127.0.0.1 - user [04/Nov/2017:12:30:00 +0800] "GET HTTP://111.com HTTP/1.1" 200 13 127.0.0.1 - - [04/Nov/2017:12:30:15 +0800] "GET HTTP://111.com HTTP/1.1" 200 13 127.0.0.1 - - [04/Nov/2017:12:30:29 +0800] "GET HTTP://111.com/user.php HTTP/1.1" 401 381 127.0.0.1 - user [04/Nov/2017:12:30:41 +0800] "GET HTTP://111.com/user.php HTTP/1.1" 200 10 192.168.9.1 - user [04/Nov/2017:12:32:12 +0800] "GET /user.php HTTP/1.1" 200 10 192.168.9.1 - user [04/Nov/2017:12:32:16 +0800] "GET / HTTP/1.1" 200 13 192.168.9.1 - user [04/Nov/2017:12:32:24 +0800] "GET /user.php HTTP/1.1" 200 10 192.168.9.1 - - [04/Nov/2017:13:06:26 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.9.1 - - [04/Nov/2017:13:06:29 +0800] "GET / HTTP/1.1" 200 13 192.168.9.1 - - [04/Nov/2017:13:06:58 +0800] "GET /user.php HTTP/1.1" 401 381 192.168.9.1 - user [04/Nov/2017:13:07:03 +0800] "GET /user.php HTTP/1.1" 200 10 192.168.9.134 - - [04/Nov/2017:13:44:37 +0800] "HEAD HTTP://www.example.com HTTP/1.1" 301 - 192.168.9.134 - - [04/Nov/2017:13:44:56 +0800] "GET HTTP://www.example.com HTTP/1.1" 301 223 192.168.9.134 - - [04/Nov/2017:13:45:59 +0800] "GET HTTP://www.example.com/111111 HTTP/1.1" 301 229 192.168.9.134 - - [04/Nov/2017:13:46:24 +0800] "HEAD HTTP://www.example.com/111111 HTTP/1.1" 301 - 192.168.9.134 - - [04/Nov/2017:13:47:14 +0800] "HEAD HTTP://www.example.com/1dasdasdas HTTP/1.1" 301 - 192.168.9.134 - - [04/Nov/2017:13:47:48 +0800] "HEAD http://111.com/1dasdasdas HTTP/1.1" 404 - 192.168.9.134 - - [04/Nov/2017:13:48:28 +0800] "HEAD http://111.com/user.php HTTP/1.1" 200 - 192.168.9.134 - - [04/Nov/2017:13:55:08 +0800] "GET HTTP://111.com HTTP/1.1" 403 209 192.168.9.134 - - [04/Nov/2017:13:55:13 +0800] "HEAD HTTP://111.com HTTP/1.1" 403 - 192.168.9.1 - - [04/Nov/2017:13:58:02 +0800] "GET /favicon.ico HTTP/1.1" 301 234 192.168.9.1 - - [04/Nov/2017:13:58:02 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.9.1 - - [04/Nov/2017:13:58:05 +0800] "GET / HTTP/1.1" 301 223 192.168.9.1 - - [04/Nov/2017:13:58:05 +0800] "GET / HTTP/1.1" 200 13 192.168.9.1 - - [04/Nov/2017:14:00:51 +0800] "GET / HTTP/1.1" 200 13 192.168.9.1 - - [04/Nov/2017:14:00:57 +0800] "GET /favicon.ico HTTP/1.1" 301 234 192.168.9.1 - - [04/Nov/2017:14:00:57 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.9.1 - - [04/Nov/2017:14:01:01 +0800] "GET /favicon.ico HTTP/1.1" 301 234 192.168.9.1 - - [04/Nov/2017:14:01:01 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.9.1 - - [04/Nov/2017:14:01:28 +0800] "GET / HTTP/1.1" 200 13

HEAD为-I,GET

日志内容格式可以更改

[root@localhost ~]# vi /usr/local/apache2.4/conf/httpd.conf /LogFormat 279 LogLevel warn 280 281 282 # 283 # The following directives define some format nicknames for use with 284 # a CustomLog directive (see below). 285 # 286 LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined 287 LogFormat "%h %l %u %t "%r" %>s %b" common 288 289 290 # You need to enable mod_logio.c to use %I and %O 291 LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %I %O" combinedio 292 293 294 #

%h来源ip %l用户 %u用户和密码 %t时间 %r方式 %s状态码 %b大小 %{Referer}i跳转路径(从哪里点击) %{User-Agent}i浏览器代理

[root@localhost ~]# vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf 36 # 37 # AllowOverride AuthConfig 38 # AuthName "111.com user auth" 39 # AuthType Basic 40 # AuthUserFile /data/.htpasswd 41 # require valid-user 42 # 43 # 44 45 RewriteEngine on 46 RewriteCond %{HTTP_HOST} !^111.com$ 47 RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L] 48 49 ErrorLog "logs/111.com-error_log" 50 CustomLog "logs/111.com-access_log" common 51

将50的CustomLog "logs/111.com-access_log" common中的common改为combined

[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t Syntax OK [root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful

[root@localhost ~]# curl -x 127.0.0.1:80 http://111.com/user.php -I HTTP/1.1 200 OK Date: Sat, 04 Nov 2017 06:33:52 GMT Server: Apache/2.4.29 (Unix) PHP/5.6.30 X-Powered-By: PHP/5.6.30 Content-Type: text/html; charset=UTF-8 [root@localhost ~]# curl -x 127.0.0.1:80 http://111.com/user.php hello!user

[root@localhost ~]# vi /data/wwwroot/abc.com/abc.html hello

然后在Windows下使用浏览器访问111.com/user.php

[root@localhost ~]# tail /usr/local/apache2.4/logs/111.com-access_log 192.168.9.1 - - [04/Nov/2017:14:00:57 +0800] "GET /favicon.ico HTTP/1.1" 301 234 192.168.9.1 - - [04/Nov/2017:14:00:57 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.9.1 - - [04/Nov/2017:14:01:01 +0800] "GET /favicon.ico HTTP/1.1" 301 234 192.168.9.1 - - [04/Nov/2017:14:01:01 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.9.1 - - [04/Nov/2017:14:01:28 +0800] "GET / HTTP/1.1" 200 13 127.0.0.1 - - [04/Nov/2017:14:33:52 +0800] "HEAD http://111.com/user.php HTTP/1.1" 200 - "-" "curl/7.29.0" 127.0.0.1 - - [04/Nov/2017:14:34:03 +0800] "GET http://111.com/user.php HTTP/1.1" 200 10 "-" "curl/7.29.0" 192.168.9.1 - - [04/Nov/2017:14:35:24 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36" 192.168.9.1 - - [04/Nov/2017:14:35:25 +0800] "GET /user.php HTTP/1.1" 200 10 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)" 192.168.9.1 - - [04/Nov/2017:14:44:00 +0800] "GET /user.php HTTP/1.1" 200 10 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)"

而Referer则需要通过上级链接点击才能显示出来

通过日志可以了解到用户ip、用户名、时间、行为方式、上级链接、以及系统等一些信息


本文名称:【CentOS7架构9】,Apache访问日志#171221
标题来源:http://kswjz.com/article/cgsego.html
扫二维码与项目经理沟通

我们在微信上24小时期待你的声音

解答本文疑问/技术咨询/运营咨询/技术建议/互联网交流