How to configure NGINX as a Data source

Configure as Monitor

In order to use NGINX® as a Data Source for Pluribus One WAS® it is necessary to perform some simple steps:

  • STEP 1 - Define a Log Format.
  • STEP 2 - Send the Access & Error Log.

The following paragraphs will guide you through all the required steps. For further information please refer to the official documentation at https://www.nginx.com/products/nginx/ .

 

STEP 1 - Define a Log Format.

The first prerequisite to setup NGINX® as a Data Source is to define a specific syslog format that contains all required information that will allow Pluribus One WAS® to properly analyze the incoming traffic.

This is the correct definition that should be included:

log_format ap_format '"$request_id"|"$time_local"|"$remote_addr"|'
        '"$host"|"$uri"|"$request_method"|"$server_protocol"|'
        '"$query_string"|"$http_referer"|"$status"|'
        '"$http_user_agent"|"$http_cookies"|"$content_type"|'
        '"$server_addr"|"$http_x_forwarded_for"|"$remote_port"|'
        '"$server_port"|"$bytes_sent"';

 

You can also download a txt file cointaining the text provided above. You can find a file named nginx_log_format.txt at this link .

 The syslog definition must be added within the configuration file located in /etc/nginx/nginx.conf.

 

STEP 2 - Send the Access & Error Log.

Once an Access & Error log have been successfully defined it is now time to send the data to the host device where Pluribus One WAS® has been deployed. In order to correctly route the data use these two instructions: 

  • access_log syslog:server=IP_HOST_AP,tag=nginx_ap ap_format;
  • error_log syslog:server=IP_HOST_AP warn;


In the code above, the field "IP_HOST_AP" should be replaced with the IP address of the host device where Pluribus One WAS® has been deployed. In order to keep a certain degree of consistency between the new settings and the other setting applied on NGINX® it is strongly advised to place the two instructions presented above exactly where other access and error logs have been defined.

Some common locations for such definition are:

  • /etc/nginx/conf.d/
  • /etc/nginx/nginx.conf


There are some very important additional notes regarding the directives describeded above (i.e., log_format, access_log, error_log):

  • The directive called log_format must be inserted within the http section of the configuration file. Adding the directive in the server section of the configuration file is wrong and it will cause an error that will prevent NGINX® from starting.
  • The two directives called access_log and error_log must be inserted within the server section of the configuration file.

For further information please refer to the official NGINX® documentation at this link: https://docs.nginx.com/nginx/admin-guide/monitoring/logging/ .