Skip to main content

How to exclude IP from logs in nginx?

Imagine a situation: you have a static ip and you do a lot and do a lot of time editing the site. At the same time, you still need to monitor, periodically, the logs for errors in queries, or for vulnerability scans. And the presence of a large number of records with your IP makes it difficult to view logs.

With the help of a conditional entry that is available in nginx, starting with version 1.7.0, we can check the visitor's ip and not record it in the log files. Indeed, why do this if logging your ip is not necessary?

To add such an exception, you need to create a conditional entry based on map_module . The result of the calculation of the conditional record will not be recorded in the log if it is equal to 0. The rule will look like this:

  map $ remote_addr $ loggable {
  "" 0;
  default 1;

That is, the default result is 1, and for the specified ip - 0, and they will not be recorded in the log. Protocol versions 4 and 6 are supported. Note that the first variable here is the address of the connecting client. And the second variable needs to be written in the access log parameters.

  access_log /var/log/nginx/access.log combined if = $ loggable; 

The map block can be specified both at the http level of the nginx config and at the server level.

Exclusion of other data from logs

Disabling IP specific logging is just one example of the many. You can use various variables from the standard .

Let's turn off, as an example, writing to the error.html page log. To do this, create such a block:

  map $ request_uri $ loggable {
  ~ * error.html 0;
  default 1;

And write, as above, the if parameter as an argument to the access_log parameter. After restarting nginx, all requests for error.html will not be written. Including type variations error.html?q=search . For an exact match, you need to write another regular expression.

How do you rate the article?
Звёзд: 1Звёзд: 2Звёзд: 3Звёзд: 4Звёзд: 5 ( 2 ratings, average: 5.00 out of 5)

Add a comment

Your email will not be published.