这篇博客介绍了如何通过正则表达式匹配和提取nginx日志中的关键信息,如IP地址、时间戳、HTTP请求类型和状态码等。示例代码展示了使用PHP进行匹配的过程,并提到了nginx的日志配置相关资料。
分析nginx日志$s_line = '1.202.39.44 - - [22/Mar/2016:17:12:25 +0800] "POST /auth/login HTTP/1.1" 200 261 "http://www.halfcookie.cn/auth/login" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" "-"'; $p = '/^(\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})\s-\s(.*)\s\[(.*)\]\s"(.*)\"\s(\d{3})\s(\d+)\s"(.*)"\s"(.*)"\s\"(.*)\"$/u';preg_match($p,$s_line,$a_match); var_dump($a_match);array(13) { [0] => string(233) "1.202.39.44 - - [22/Mar/2016:17:12:25 +0800] "POST /auth/login HTTP/1.1" 200 261 "http://www.halfcookie.cn/auth/login" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" "-"" 'ip' => string(11) "1.202.39.44" [1] => string(11) "1.202.39.44" [2] => string(1) "-" 'time' => string(26) "22/Mar/2016:17:12:25 +0800" [3] => string(26) "22/Mar/2016:17:12:25 +0800" [4] => string(25) "POST /auth/login HTTP/1.1" 'status' => string(3) "200" [5] => string(3) "200" [6] => string(3) "261" [7] => string(35) "http://www.halfcookie.cn/auth/login" [8] => string(108) "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" [9] => string(1) "-" }$s_line = '1.202.39.44 - - [22/Mar/2016:17:12:25 +0800] "POST /auth/login HTTP/1.1" 200 261 "http://www.halfcookie.cn/auth/login" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" "-"'; $p = '/^(?P<ip>\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})\s-\s(.*)\s\[(?P<time>.*)\]\s"(.*)"\s(?P<status>\d{3})\s(\d+)\s\"(.*)\"\s\"(.*)"\s\"(.*)"/u';preg_match($p,$s_line,$a_match); var_dump($a_match);array(13) { [0] => string(233) "1.202.39.44 - - [22/Mar/2016:17:12:25 +0800] "POST /auth/login HTTP/1.1" 200 261 "http://www.halfcookie.cn/auth/login" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" "-"" 'ip' => string(11) "1.202.39.44" [1] => string(11) "1.202.39.44" [2] => string(1) "-" 'time' => string(26) "22/Mar/2016:17:12:25 +0800" [3] => string(26) "22/Mar/2016:17:12:25 +0800" [4] => string(25) "POST /auth/login HTTP/1.1" 'status' => string(3) "200" [5] => string(3) "200" [6] => string(3) "261" [7] => string(35) "http://www.halfcookie.cn/auth/login" [8] => string(108) "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" [9] => string(1) "-" }解析:?P<name> :命名捕获组nginx配置日志文档。。https://www.ttlsa.com/linux/the-nginx-log-configuration/
扫一扫
评论
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
查看更多评论
添加红包
