Logging
Apache2 access.log 有多行說“組合”
我在 Ubuntu 20.04.2 LTS 上執行 Apache2 網路伺服器。我注意到我
access.log
有幾行只是簡單地說明combine
它們,沒有關於請求或其他任何資訊的資訊。中的其他行access.log
沒有說combine
,並且確實有關於請求的資訊。這是我的範例
access.log
:combine combine combine 45.129.136.74 - - [26/Aug/2021:00:17:23 -0400] "\x03" 400 0 "-" "-" 45.129.136.74 - - [26/Aug/2021:00:17:23 -0400] "\x03" 400 0 "-" "-" combine 192.241.204.78 - - [26/Aug/2021:00:23:55 -0400] "GET / HTTP/1.1" 200 546 "-" "Mozilla/5.0 zgrab/0.x" 84.54.153.88 - - [26/Aug/2021:00:27:54 -0400] "GET / HTTP/1.1" 200 621 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" combine combine 45.146.164.110 - - [26/Aug/2021:01:02:57 -0400] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:57 -0400] "POST /api/jsonws/invoke HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:57 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:57 -0400] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 200 565 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:58 -0400] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 565 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:58 -0400] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:58 -0400] "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:58 -0400] "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:58 -0400] "GET /console/ HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:58 -0400] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.146.164.110 - - [26/Aug/2021:01:02:58 -0400] "GET /_ignition/execute-solution HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.129.136.74 - - [26/Aug/2021:01:05:21 -0400] "\x03" 400 0 "-" "-" 205.185.126.200 - - [26/Aug/2021:01:12:58 -0400] "POST /boaform/admin/formLogin HTTP/1.1" 404 475 "http://40.121.65.70:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 185.189.182.234 - - [26/Aug/2021:01:32:22 -0400] "GET / HTTP/1.1" 400 0 "-" "-" 42.193.16.135 - - [26/Aug/2021:01:34:15 -0400] "GET / HTTP/1.1" 200 565 "-" "Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.62 XWEB/2692 MMWEBSDK/200901 Mobile Safari/537.36" 206.189.182.136 - - [26/Aug/2021:01:45:23 -0400] "GET /ab2g HTTP/1.1" 400 0 "-" "-" 206.189.182.136 - - [26/Aug/2021:01:45:23 -0400] "GET /ab2h HTTP/1.1" 400 0 "-" "-" combine combine combine combine combine
我的
apache2.conf
有以下幾行:LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %O" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent
同樣在我的一個
sites-enabled
配置文件中,我有這一行:CustomLog ${APACHE_LOG_DIR}/access.log combine
combine
訪問日誌中的行是什麼意思?為什麼我會關心看到他們?我怎樣才能防止這些台詞只是說combine
並讓它們真正顯示一些有用的資訊?
對我來說似乎是一個錯字。
這是有問題的行:
CustomLog ${APACHE_LOG_DIR}/access.log combine
文件聲明第二個參數是“由先前的 LogFormat 指令定義的暱稱,或者它可以是日誌格式部分中描述的顯式格式字元串。”
因為這不是以前的 LogFormat 指令定義的暱稱,所以它被視為格式字元串。這意味著記錄了文字“組合”。
大概您想使用先前定義的“組合”LogFormat,在這種情況下,您應該只修復錯字。