Skip to main content

Nginx Logs

Log Type:  Nginx Access Logs

Template Description: Parsing the common fields in your Nginx Access log.

Sample Log:

205.197.2.175 - - [22/Aug/2017:17:43:56 +0000] www.sumologic.com "GET /wp-content/uploads/Screen-Shot-2017-04-13-at-7.12.35-PM-231x300.png HTTP/1.1" 304 0 "https://www.sumologic.com/aws/elb/aw...s-application/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0" 0.000

Parsing Rule:

parse regex "^(?<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"
| parse regex "(?<method>[A-Z]+)\s(?<url>\S+)\sHTTP/[\d\.]+\"\s(?<status_code>\d+)\s(?<size>[\d-]+)\s\"(?<referrer>.*?)\"\s\"(?<user_agent>.+?)\".*"

Resulting Fields:

FieldDescriptionExample
src_ipThe source IP address.205.197.2.175
methodHTTP request method.GET
urlResource requested by the client./wp-content/uploads/Screen-Shot-2017-04-13-at-7.12.35-PM-231x300.png
status_codeHTTP response status code.304
 sizeThe size of the object returned to the client.0
 referrerThe website from which the client reports are referred.https://www.sumologic.com/aws/elb/aws-elastic-load-balancers-classic-vs-application
 user_agentInformation about the client browser.Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.