Nginx Access Log Stats

Log Format

log_format main '$remote_addr - $remote_user [$time_local] '
                '"$request" $status $body_bytes_sent "$http_referer" '
                '"$http_user_agent" "$http_x_forwarded_for" '
                'rt="$request_time" '
                'ua="$upstream_addr" us="$upstream_status" '
                'uct="$upstream_connect_time" uht="$upstream_header_time" '
                'urt="$upstream_response_time" url="$upstream_response_length"';

Variable	Example	Quotes
upstream_addr	192.168.1.1:12345, 192.168.1.2:12345, unix:/tmp/sock	YES
http_x_forwarded_for	192.168.1.10, 10.0.0.1, 172.16.0.1	YES

Fluent bit

[PARSER]
    Name        nginx_access
    Format      regex
    Regex       ^(?<log_remote_addr>[^ ]*) - (?<log_remote_user>[^ ]*) \[(?<log_time_local>[^\]]*)\] "(?<log_request>[^"]*)" (?<log_status>[^ ]*) (?<log_body_bytes_sent>[^ ]*) "(?<log_http_referer>[^"]*)" "(?<log_http_user_agent>[^"]*)" "(?<log_http_x_forwarded_for>[^"]*)" rt="(?<log_request_time>[^"]*)" ua="(?<log_upstream_addr>[^"]*)" us="(?<log_upstream_status>[^"]*)" uct="(?<log_upstream_connect_time>[^"]*)" uht="(?<log_upstream_header_time>[^"]*)" urt="(?<log_upstream_response_time>[^"]*)" url="(?<log_upstream_response_length>[^"]*)"$
    Time_Key    log_time_local
    Time_Format %d/%b/%Y:%H:%M:%S %z

Otel Collector

      transform/nginx:
        error_mode: ignore
        log_statements:
  - conditions:
    - IsMap(body)
          context: log
          statements:
      - set(attributes["timestamp"], body["timestamp"])
        - set(attributes["namespace"], body["k8s_namespace_name"])
          - set(attributes["container_name"], body["k8s_container_name"])
          - set(attributes["pod_name"], body["k8s_pod_name"])
          - set(attributes["pod_ip"], body["k8s_pod_ip"])
          - set(attributes["container_image"], body["k8s_container_image"])
          - set(attributes["remote_addr"], body["log_remote_addr"])
          - set(attributes["remote_user"], body["log_remote_user"])
          - set(attributes["request_path"], body["log_request"])
          - set(attributes["request_status"], body["log_status"])
          - set(attributes["body_bytes_send"], body["log_body_bytes_sent"])
          - set(attributes["http_referer"], body["log_http_referer"])
          - set(attributes["http_user_agent"], body["log_http_user_agent"])
          - set(attributes["http_x_forwarded_for"], body["log_http_x_forwarded_for"])
          - set(attributes["request_time"], body["log_request_time"])
          - set(attributes["upstream_addr"], body["log_upstream_addr"])
          - set(attributes["upstream_status"], body["log_upstream_status"])
          - set(attributes["upstream_connect_time"], body["log_upstream_connect_time"])
          - set(attributes["upstream_header_time"], body["log_upstream_header_time"])
          - set(attributes["upstream_response_time"], body["log_upstream_response_time"])
          - set(attributes["upstream_response_length"], body["log_upstream_response_length"])
          - set(resource.attributes["service.name"], body["k8s_container_name"])
          - set(instrumentation_scope.name, body["log_remote_addr"])
          - set(instrumentation_scope.schema_url, body["log_request_path"])
          - set(instrumentation_scope.version, body["log_request_method"])
          - set(body, body["log_request"])

References

• Nginx Variables
• Nginx Metrics