Want to subscribe to topics you're interested in?
Become a Member

Nginx Nginx Amplify Open Source Monitoring Service

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Nov 18, 2015.

  1. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    10:39 AM
    Mainline
    10.2
    With this service can we monitor?
    • TLS version usage... 1.0, 1.1, 1.2, 1.3
    • HTTP version usage... HTTP 1.1, HTTP/2
    • Status Codes stats? Specially 40x, 50x
    • SSL/TLS cipher usage
    • RSA/ECC Cert being served


     
  2. eva2000

    eva2000 Administrator Staff Member

    53,488
    12,130
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,672
    Local Time:
    12:39 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    for HTTP 1/1.1/2 somewhat with default template

    upload_2018-10-27_8-50-49.png

    upload_2018-10-27_8-51-31.png

    but there's custom dashboards you can setup too

    upload_2018-10-27_9-3-30.png

    upload_2018-10-27_9-4-8.png

    for SSL cert/protocol/cipher logging you can do that another way as default nginx access logs don't log ssl/protocol/cipher info unless you do it like SSL - HTTP/TLS Protocol and SSL Cipher Usage Statistics Logging
     
  3. eva2000

    eva2000 Administrator Staff Member

    53,488
    12,130
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,672
    Local Time:
    12:39 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    FYI supported Nginx metrics (IF log has support added for that metric) Amplify | Library

    Centmin Mod Nginx default access log uses the following metrics

    Code (Text):
    log_format  main  '$remote_addr - $remote_user [$time_local] $request '
                    '"$status" $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio"'
                    ' "$connection" "$connection_requests" "$request_time"';
    

    Note altering these defaults may break other stats reading software like goaccess, ngxtop etc. That's why at SSL - HTTP/TLS Protocol and SSL Cipher Usage Statistics Logging you create a secondary separate log_format and separate access log file for custom metric logging.

    However, notes on using multiple access logs for same site Amplify | Library

    Excluding logs Amplify | Library

    Guess if you add a custom log_format used for cloudflare it can serve 2 purposes for logging ssl_protocol and ssl_cipher info as well as cloudflare data if it exists in nginx.conf http{} context add under existing log_format configs

    Code (Text):
    log_format cf_custom4 '$remote_addr - $remote_user [$time_local] $request '
                  '"$status" $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio" "$brotli_ratio"'
                  ' "$connection" "$connection_requests" "$request_time" $http_cf_ray '
                  '$ssl_protocol $ssl_cipher $http_content_length $http_content_encoding $request_length';
    

    Then add a custom access.log format to all your Nginx vhosts at /home/nginx/domains/domain.com/log/cfssl-access.log
    Code (Text):
      access_log /home/nginx/domains/domain.com/log/cfssl-access.log cf_custom4 buffer=256k flush=5m;
    

    so looks like
    Code (Text):
      access_log /home/nginx/domains/domain.com/log/access.log combined buffer=256k flush=5m;
      access_log /home/nginx/domains/domain.com/log/cfssl-access.log cf_custom4 buffer=256k flush=5m;
      error_log /home/nginx/domains/domain.com/log/error.log;
    


    or use nginx amplify custom log formats named main_ext and main_extssl but add additional variables to log in main_extssl format
    Code (Text):
    log_format  main_ext  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for" '
                          '"$host" sn="$server_name" '
                          'rt=$request_time '
                          'ua="$upstream_addr" us="$upstream_status" '
                          'ut="$upstream_response_time" ul="$upstream_response_length" '
                          'cs=$upstream_cache_status' ;
    
    log_format  main_extssl  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for" '
                          '"$host" sn="$server_name" '
                          'rt=$request_time '
                          'ua="$upstream_addr" us="$upstream_status" '
                          'ut="$upstream_response_time" ul="$upstream_response_length" '
                          'cs=$upstream_cache_status' 
                          ' "$gzip_ratio" "$brotli_ratio" '
                          '$http2 $ssl_protocol $ssl_cipher $ssl_session_reused $ssl_early_data '
                          '$http_content_length $http_content_encoding $request_length '
                          '$tcpinfo_rtt $tcpinfo_snd_cwnd '
                          '$http_cf_ipcountry $http_cf_ray';
    

    Then add a custom access.log format to all your Nginx vhosts at /home/nginx/domains/domain.com/log/cfssl-access.log
    Code (Text):
      access_log /home/nginx/domains/domain.com/log/cfssl-access.log main_extssl buffer=256k flush=5m;
    

    so looks like
    Code (Text):
      access_log /home/nginx/domains/domain.com/log/access.log combined buffer=256k flush=5m;
      access_log /home/nginx/domains/domain.com/log/cfssl-access.log main_extssl buffer=256k flush=5m;
      error_log /home/nginx/domains/domain.com/log/error.log;
    


    Using main_extssl log format the differences between default access.log and mainext_ssl cfssl-access.log entry
    Code (Text):
    tail -1 access.log
    xxx.xxx.xxx.xxx - - [27/Oct/2018:01:13:51 +0000] "GET / HTTP/2.0" 200 2102 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 OPR/56.0.3051.52"
    

    Code (Text):
    tail -1 cfssl-access.log                  
    xxx.xxx.xxx.xxx - - [27/Oct/2018:01:13:51 +0000] "GET / HTTP/2.0" 200 2102 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 OPR/56.0.3051.52" "-" "domain.com" sn="domain.com" rt=0.000 ua="-" us="-" ut="-" ul="-" cs=- "3.15" "-" h2 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 . - - - 302 34634 10 - -
    


    Then in /etc/amplify-agent/agent.conf exclude the default Centmin Mod Nginx log format /home/nginx/domains/domain.com/log/access.log
    Code (Text):
    [nginx]
    exclude_logs=/home/nginx/domains/*/log/access.log,/home/nginx/domains/*/log/access-*.log
    
     
    Last edited: Oct 27, 2018
  4. pamamolf

    pamamolf Premium Member Premium Member

    4,068
    427
    83
    May 31, 2014
    Ratings:
    +832
    Local Time:
    5:39 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Today my dashboard is empty :eek:

    It just recommend me to install the agent on my servers.....
     
  5. eva2000

    eva2000 Administrator Staff Member

    53,488
    12,130
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,672
    Local Time:
    12:39 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    woah - just checked my and still dashboard intact - you might want to contact support to see what happened
     
  6. negative

    negative Active Member

    415
    50
    28
    Apr 11, 2015
    Ratings:
    +98
    Local Time:
    5:39 AM
    1.9.10
    10.1.11
    Same here,

    My dashboard shows that only php-fpm, mysql and system stats. Nginx stats has gone.

    May related with nginx latest version 1.17.4
     
  7. pamamolf

    pamamolf Premium Member Premium Member

    4,068
    427
    83
    May 31, 2014
    Ratings:
    +832
    Local Time:
    5:39 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Weird....

    No big deal as i am not checking them a lot but i was wondering how and why as even if the agent is stopped the servers are there....

    Don't know if they reset something on my account as i got extra 10 monitors for reporting something that i don't even remember.....

    I just post here to check if other users have the same issue..

    Thanks
     
  8. negative

    negative Active Member

    415
    50
    28
    Apr 11, 2015
    Ratings:
    +98
    Local Time:
    5:39 AM
    1.9.10
    10.1.11
    I've tried to run the yum update nginx-amplify-agent command but it says there is no update.

    I've sent an email to amplify-support@nginx.com and ticket assigned, waiting for reply.