Skip to main content

Nginx Logs

Log Type:  Nginx Access Logs

Template Description: Parsing the common fields in your Nginx Access log.

Sample Log:

205.197.2.175 - - [22/Aug/2017:17:43:56 +0000] www.sumologic.com "GET /wp-content/uploads/Screen-Shot-2017-04-13-at-7.12.35-PM-231x300.png HTTP/1.1" 304 0 "https://www.sumologic.com/aws/elb/aw...s-application/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0" 0.000

Parsing Rule:

parse regex "^(?<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"
| parse regex "(?<method>[A-Z]+)\s(?<url>\S+)\sHTTP/[\d\.]+\"\s(?<status_code>\d+)\s(?<size>[\d-]+)\s\"(?<referrer>.*?)\"\s\"(?<user_agent>.+?)\".*"

Resulting Fields:

FieldDescriptionExample
src_ipIP from which request was made205.197.2.175
methodHTTP request typeGET
urlResource requested by the client/wp-content/uploads/Screen-Shot-2017-04-13-at-7.12.35-PM-231x300.png
status_codeHTTP response code from server304
 sizeSize of server response in bytes0
 referrerReferral URLhttps://www.sumologic.com/aws/elb/aws-elastic-load-balancers-classic-vs-application/
 user_agentInformation about the client browserMozilla/5.0 (Windows NT 6.1; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0
Legal
Privacy Statement
Terms of Use

Copyright © 2023 by Sumo Logic, Inc.