shallow丿ove
Apache访问日志
- 访问日志记录用户的每一个请求
- vi /usr/local/apache2.4/conf/httpd.conf
  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
  LogFormat "%h %l %u %t \"%r\" %>s %b" common
- 将虚拟主机配置文件改成如下:
  <VirtualHost *:80>
      DocumentRoot "/data/wwwroot/www.111.com"
      ServerName www.111.com
      ServerAlias 111.com
      CustomLog "logs/111.com-access_log" combined
  </VirtualHost>
- 重新加载配置文件:先用 apachectl -t 检查语法,再用 apachectl graceful 重新加载
- curl -x 127.0.0.1:80 -I 111.com
- tail /usr/local/apache2.4/logs/111.com-access_log
[root@localhost ~]# ls /usr/local/apache2.4/logs/
111.com-access_log abc.com-access_log access_log httpd.pid
111.com-error_log abc.com-error_log error_log
[root@localhost ~]# cat /usr/local/apache2.4/logs/111.com-access_log
192.168.9.134 - - [04/Nov/2017:10:12:12 +0800] "GET HTTP://www.example.com HTTP/1.1" 200 13
192.168.9.134 - - [04/Nov/2017:10:13:11 +0800] "GET HTTP://111.com HTTP/1.1" 200 13
127.0.0.1 - - [04/Nov/2017:12:09:20 +0800] "GET HTTP://111.com HTTP/1.1" 401 381
127.0.0.1 - - [04/Nov/2017:12:10:05 +0800] "HEAD HTTP://111.com HTTP/1.1" 401 -
192.168.9.1 - - [04/Nov/2017:12:12:24 +0800] "GET /favicon.ico HTTP/1.1" 401 381
192.168.9.1 - - [04/Nov/2017:12:12:25 +0800] "GET / HTTP/1.1" 401 381
192.168.9.1 - - [04/Nov/2017:12:12:25 +0800] "GET / HTTP/1.1" 401 381
192.168.9.1 - user [04/Nov/2017:12:13:36 +0800] "GET / HTTP/1.1" 200 13
127.0.0.1 - user [04/Nov/2017:12:15:43 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - user [04/Nov/2017:12:15:48 +0800] "GET HTTP://111.com HTTP/1.1" 200 13
192.168.9.1 - - [04/Nov/2017:12:29:11 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.9.1 - user [04/Nov/2017:12:29:16 +0800] "GET /user.php HTTP/1.1" 200 10
192.168.9.1 - user [04/Nov/2017:12:29:22 +0800] "GET /user.php HTTP/1.1" 200 10
127.0.0.1 - user [04/Nov/2017:12:30:00 +0800] "GET HTTP://111.com HTTP/1.1" 200 13
127.0.0.1 - - [04/Nov/2017:12:30:15 +0800] "GET HTTP://111.com HTTP/1.1" 200 13
127.0.0.1 - - [04/Nov/2017:12:30:29 +0800] "GET HTTP://111.com/user.php HTTP/1.1" 401 381
127.0.0.1 - user [04/Nov/2017:12:30:41 +0800] "GET HTTP://111.com/user.php HTTP/1.1" 200 10
192.168.9.1 - user [04/Nov/2017:12:32:12 +0800] "GET /user.php HTTP/1.1" 200 10
192.168.9.1 - user [04/Nov/2017:12:32:16 +0800] "GET / HTTP/1.1" 200 13
192.168.9.1 - user [04/Nov/2017:12:32:24 +0800] "GET /user.php HTTP/1.1" 200 10
192.168.9.1 - - [04/Nov/2017:13:06:26 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.9.1 - - [04/Nov/2017:13:06:29 +0800] "GET / HTTP/1.1" 200 13
192.168.9.1 - - [04/Nov/2017:13:06:58 +0800] "GET /user.php HTTP/1.1" 401 381
192.168.9.1 - user [04/Nov/2017:13:07:03 +0800] "GET /user.php HTTP/1.1" 200 10
192.168.9.134 - - [04/Nov/2017:13:44:37 +0800] "HEAD HTTP://www.example.com HTTP/1.1" 301 -
192.168.9.134 - - [04/Nov/2017:13:44:56 +0800] "GET HTTP://www.example.com HTTP/1.1" 301 223
192.168.9.134 - - [04/Nov/2017:13:45:59 +0800] "GET HTTP://www.example.com/111111 HTTP/1.1" 301 229
192.168.9.134 - - [04/Nov/2017:13:46:24 +0800] "HEAD HTTP://www.example.com/111111 HTTP/1.1" 301 -
192.168.9.134 - - [04/Nov/2017:13:47:14 +0800] "HEAD HTTP://www.example.com/1dasdasdas HTTP/1.1" 301 -
192.168.9.134 - - [04/Nov/2017:13:47:48 +0800] "HEAD http://111.com/1dasdasdas HTTP/1.1" 404 -
192.168.9.134 - - [04/Nov/2017:13:48:28 +0800] "HEAD http://111.com/user.php HTTP/1.1" 200 -
192.168.9.134 - - [04/Nov/2017:13:55:08 +0800] "GET HTTP://111.com HTTP/1.1" 403 209
192.168.9.134 - - [04/Nov/2017:13:55:13 +0800] "HEAD HTTP://111.com HTTP/1.1" 403 -
192.168.9.1 - - [04/Nov/2017:13:58:02 +0800] "GET /favicon.ico HTTP/1.1" 301 234
192.168.9.1 - - [04/Nov/2017:13:58:02 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.9.1 - - [04/Nov/2017:13:58:05 +0800] "GET / HTTP/1.1" 301 223
192.168.9.1 - - [04/Nov/2017:13:58:05 +0800] "GET / HTTP/1.1" 200 13
192.168.9.1 - - [04/Nov/2017:14:00:51 +0800] "GET / HTTP/1.1" 200 13
192.168.9.1 - - [04/Nov/2017:14:00:57 +0800] "GET /favicon.ico HTTP/1.1" 301 234
192.168.9.1 - - [04/Nov/2017:14:00:57 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.9.1 - - [04/Nov/2017:14:01:01 +0800] "GET /favicon.ico HTTP/1.1" 301 234
192.168.9.1 - - [04/Nov/2017:14:01:01 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.9.1 - - [04/Nov/2017:14:01:28 +0800] "GET / HTTP/1.1" 200 13
curl加-I时发送的是HEAD请求(日志中记为HEAD),不加-I时为GET请求
日志内容格式可以更改
[root@localhost ~]# vi /usr/local/apache2.4/conf/httpd.conf
/LogFormat
279 LogLevel warn
280
281 <IfModule log_config_module>
282 #
283 # The following directives define some format nicknames for use with
284 # a CustomLog directive (see below).
285 #
286 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
287 LogFormat "%h %l %u %t \"%r\" %>s %b" common
288
289 <IfModule logio_module>
290 # You need to enable mod_logio.c to use %I and %O
291 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
292 </IfModule>
293
294 #
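%h 来源IP(客户端地址);%l 远程登录名(由identd提供,通常为"-");%u 通过HTTP认证的用户名(只记录用户名,不记录密码,未认证时为"-");%t 请求时间;%r 请求行(方法、URL、协议);%>s 最终状态码;%b 响应体大小(字节,不含响应头);%{Referer}i 来源页面(从哪个链接点击过来);%{User-Agent}i 客户端标识(浏览器或工具,如curl)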
[root@localhost ~]# vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
36 # <FilesMatch user.php>
37 # AllowOverride AuthConfig
38 # AuthName "111.com user auth"
39 # AuthType Basic
40 # AuthUserFile /data/.htpasswd
41 # require valid-user
42 # </FilesMatch>
43 # </Directory>
44 <IfModule mod_rewrite.c>
45 RewriteEngine on
46 RewriteCond %{HTTP_HOST} !^111.com$
47 RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
48 </IfModule>
49 ErrorLog "logs/111.com-error_log"
50 CustomLog "logs/111.com-access_log" common
51 </VirtualHost>
将第50行 CustomLog "logs/111.com-access_log" common 中的 common 改为 combined
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]# curl -x 127.0.0.1:80 http://111.com/user.php -I
HTTP/1.1 200 OK
Date: Sat, 04 Nov 2017 06:33:52 GMT
Server: Apache/2.4.29 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Content-Type: text/html; charset=UTF-8
[root@localhost ~]# curl -x 127.0.0.1:80 http://111.com/user.php
hello!user
[root@localhost ~]# vi /data/wwwroot/abc.com/abc.html
<a href=http://111.com/user.php>hello</a>
然后在Windows下使用浏览器访问111.com/user.php
[root@localhost ~]# tail /usr/local/apache2.4/logs/111.com-access_log
192.168.9.1 - - [04/Nov/2017:14:00:57 +0800] "GET /favicon.ico HTTP/1.1" 301 234
192.168.9.1 - - [04/Nov/2017:14:00:57 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.9.1 - - [04/Nov/2017:14:01:01 +0800] "GET /favicon.ico HTTP/1.1" 301 234
192.168.9.1 - - [04/Nov/2017:14:01:01 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.9.1 - - [04/Nov/2017:14:01:28 +0800] "GET / HTTP/1.1" 200 13
127.0.0.1 - - [04/Nov/2017:14:33:52 +0800] "HEAD http://111.com/user.php HTTP/1.1" 200 - "-" "curl/7.29.0"
127.0.0.1 - - [04/Nov/2017:14:34:03 +0800] "GET http://111.com/user.php HTTP/1.1" 200 10 "-" "curl/7.29.0"
192.168.9.1 - - [04/Nov/2017:14:35:24 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"
192.168.9.1 - - [04/Nov/2017:14:35:25 +0800] "GET /user.php HTTP/1.1" 200 10 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)"
192.168.9.1 - - [04/Nov/2017:14:44:00 +0800] "GET /user.php HTTP/1.1" 200 10 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)"
而Referer则需要通过上级链接点击才能显示出来
通过日志可以了解到用户ip、用户名、时间、行为方式、上级链接、以及系统等一些信息。需要注意的是,Referer和User-Agent都由客户端自行提供,可以被随意改写,分析日志时只能作为参考,不能当作可信依据