tomcat8的access日志量很大,前端时间还嫌弃它,没想到现在要依靠它来定位问题。
配置文件:$TOMCAT_HOME/conf/server.xml
默认配置:%h %l %u %t "%r" %s %b"
日志显示成:ip - - [12/Jan/2017:10:05:23 +0800] "GET url HTTP/1.1" 200 15846
因从客户到服务端有个负载均衡,当前%h 显示的都是负载均衡地址,这对定位问题来说一点用处也没呀。
%h 改成
%a - Remote IP address
%A - Local IP address
目的: 用户IP是多少,用户访问落到哪台服务器上。
%l - Remote logical username from identd (always returns '-')
保留不动
%u - Remote user that was authenticated (if any), else '-'
保留不动
%t - Date and time, in Common Log Format
保留不动
%r - First line of the request (method and request URI)
保留不动(定位问题)
%s - HTTP status code of the response
保留不动 (定位问题)
%b - Bytes sent, excluding HTTP headers, or '-' if zero
保留不动
增加:
%D - Time taken to process the request, in millis
请求消耗时间,单位毫秒 (定位问题)
%F - Time taken to commit the response, in millis
请求响应的处理时间,单位毫秒 (定位问题)
日志配置:%a - %A %l %u %t "%r" %s %b request:%D response:%F
单机访问的显示日志:
10.0.6.240 - localip - - [12/Jan/2017:10:25:44 +0800] "GET url HTTP/1.1" 404 12698 request:63 response:22
10.0.6.240 - localip - - [12/Jan/2017:10:25:49 +0800] "GET url HTTP/1.1" 200 21102 request:168 response:159```
但是通过负载访问时,%a得到 还是 负载服务器的IP
参考Nginx的配置,日志配置:
%{X-Forwarded-For}i - %a -%A %l %u %t "%r" %s %b request:%D response:%F
当然,如果还需要额外的信息怎么办?比如 userID等,如果该信息和X-Forwarded-For一样是头文件中的,也可通过
%{UserID}i
**%{xxx}i
** write value of incoming header with name xxx
**%{xxx}o
** write value of outgoing header with name xxx
**%{xxx}c
** write value of cookie with name xxx
**%{xxx}r
** write value of ServletRequest attribute with name xxx
**%{xxx}s
** write value of HttpSession attribute with name xxx
**%{xxx}p
** write local (server) port (xxx==local) or remote (client) port (xxx=remote)
**%{xxx}t
** write timestamp at the end of the request formatted using the enhanced SimpleDateFormat pattern xxx
因日期格式比较难懂,日志配置改成:
pattern="%{X-Forwarded-For}i %{UserID}i %a %A %l %u %{yyyy-MM-dd HH:mm:ss}t "%r" %s %b %D %F" />
日期显示成:2017-01-12 12:12:34
搞定。
>X-Forwarded-For 是一个 HTTP 扩展头部。HTTP/1.1(RFC 2616)协议并没有对它的定义,它最开始是由 Squid 这个缓存代理软件引入,用来表示 HTTP 请求端真实 IP。如今它已经成为事实上的标准,被各大 HTTP 代理、负载均衡等转发服务广泛使用,并被写入 [RFC 7239](http://tools.ietf.org/html/rfc7239)(Forwarded HTTP Extension)标准之中。
获取客户端IP的代码
var http = require('http');http.createServer(function (req, res) {
res.writeHead(200, {'Content-Type': 'text/plain'});
res.write('remoteAddress: ' + req.connection.remoteAddress + '\n');
res.write('x-forwarded-for: ' + req.headers['x-forwarded-for'] + '\n');
res.write('x-real-ip: ' + req.headers['x-real-ip'] + '\n');
res.end();}).listen(8080, '0.0.0.0');
官方:
%a - Remote IP address
%A - Local IP address
%b - Bytes sent, excluding HTTP headers, or '-' if zero
%B - Bytes sent, excluding HTTP headers
%h - Remote host name (or IP address if enableLookups
for the connector is false)
%H - Request protocol
%l - Remote logical username from identd (always returns '-')
%m - Request method (GET, POST, etc.)
%p - Local port on which this request was received. See also %{xxx}p
below.
%q - Query string (prepended with a '?' if it exists)
%r - First line of the request (method and request URI)
%s - HTTP status code of the response
%S - User session ID
%t - Date and time, in Common Log Format
%u - Remote user that was authenticated (if any), else '-'
%U - Requested URL path
%v - Local server name
%D - Time taken to process the request, in millis
%T - Time taken to process the request, in seconds
%F - Time taken to commit the response, in millis
%I - Current request thread name (can compare later with stacktraces)
