alpコマンドでNginxのログ解析
ISUCONネタです.
環境
Ubuntu 16.04.3 LTS
インストール
$ wget https://github.com/tkuchiki/alp/releases/download/v0.3.1/alp_linux_amd64.zip
$ unzip alp_linux_amd64.zip
$ mv alp /usr/local/bin/
$ alp --help
usage: alp [<flags>]
Access Log Profiler for LTSV (read from file or stdin).
Flags:
--help Show context-sensitive help (also try --help-long and --help-man).
-c, --config=CONFIG config file
-f, --file=FILE access log file
-d, --dump=DUMP dump profile data
-l, --load=LOAD load profile data
--max sort by max response time
--min sort by min response time
--avg sort by avg response time
--sum sort by sum response time
--cnt sort by count
--uri sort by uri
--method sort by method
--max-body sort by max body size
--min-body sort by min body size
--avg-body sort by avg body size
--sum-body sort by sum body size
--p1 sort by 1 percentail response time
--p50 sort by 50 percentail response time
--p99 sort by 99 percentail response time
--stddev sort by standard deviation response time
-r, --reverse reverse the result of comparisons
-q, --query-string include query string
--tsv tsv format (default: table)
--apptime-label="apptime" apptime label
--reqtime-label="reqtime" reqtime label
--status-label="status" status label
--size-label="size" size label
--method-label="method" method label
--uri-label="uri" uri label
--time-label="time" time label
--limit=5000 set an upper limit of the target uri
--location=LOCATION location name
--includes=PATTERN,... don't exclude uri matching PATTERN (comma separated)
--excludes=PATTERN,... exclude uri matching PATTERN (comma separated)
--include-statuses=PATTERN,...
don't exclude status code matching PATTERN (comma separated)
--exclude-statuses=PATTERN,...
exclude uri status code PATTERN (comma separated)
--noheaders print no header line at all (only --tsv)
--aggregates=PATTERN,... aggregate uri matching PATTERN (comma separated)
--start-time=TIME since the start time
--end-time=TIME end time earlier
--start-time-duration=TIME_DURATION
since the start time (now - time.Duration)
--end-time-duration=TIME_DURATION
end time earlier (now - time.Duration)
--version Show application version.
Nginxの設定
alpはLTSV(Labeled Tab-serapated Values)形式のログファイルを集計するコマンドなので, ログ出力形式をLTSVにする必要がある. /etc/nginx/nginx.confを次のように設定.
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
log_format ltsv "time:$time_local"
"\thost:$remote_addr"
"\tforwardedfor:$http_x_forwarded_for"
"\treq:$request"
"\tstatus:$status"
"\tmethod:$request_method"
"\turi:$request_uri"
"\tsize:$body_bytes_sent"
"\treferer:$http_referer"
"\tua:$http_user_agent"
"\treqtime:$request_time"
"\tcache:$upstream_http_x_cache"
"\truntime:$upstream_http_x_runtime"
"\tapptime:$upstream_response_time"
"\tvhost:$host";
server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
access_log /var/log/nginx/access.log ltsv;
location / {
proxy_pass http://127.0.0.1:5000;
}
location /stars {
proxy_pass http://127.0.0.1:5001;
}
}
}
そして再起動
systemctl restart nginx.service
何もエラーが出なければ成功している.
ログの見方
-fオプションをつけると, ログファイルを指定して結果を表示することが出来る.
$ alp -f /var/log/nginx/access.log +-------+-------+-------+-------+-------+-------+-------+-------+--------+-----------+-----------+------------+-----------+--------+---------------------------+ | COUNT | MIN | MAX | SUM | AVG | P1 | P50 | P99 | STDDEV | MIN(BODY) | MAX(BODY) | SUM(BODY) | AVG(BODY) | METHOD | URI | +-------+-------+-------+-------+-------+-------+-------+-------+--------+-----------+-----------+------------+-----------+--------+---------------------------+ | 2 | 0.001 | 0.001 | 0.002 | 0.001 | 0.001 | 0.001 | 0.001 | 0.000 | 1687.000 | 1687.000 | 3374.000 | 1687.000 | GET | /login | | 1 | 0.001 | 0.001 | 0.001 | 0.001 | 0.001 | 0.001 | 0.001 | 0.000 | 1696.000 | 1696.000 | 1696.000 | 1696.000 | GET | /register | | 72 | 0.001 | 0.003 | 0.086 | 0.001 | 0.000 | 0.001 | 0.003 | 0.001 | 335.000 | 335.000 | 24120.000 | 335.000 | POST | /top4aew4fe9yeehu/job/new | | 2 | 0.087 | 0.099 | 0.186 | 0.093 | 0.087 | 0.087 | 0.087 | 0.006 | 12129.000 | 12143.000 | 24272.000 | 12136.000 | GET | /keyword/熱塩循環 | | 5 | 0.640 | 1.020 | 4.252 | 0.850 | 0.640 | 0.804 | 0.948 | 0.130 | 54863.000 | 54878.000 | 219467.000 | 43893.400 | GET | / | +-------+-------+-------+-------+-------+-------+-------+-------+--------+-----------+-----------+------------+-----------+--------+---------------------------+
各項目の意味は
| 項目 | 意味 |
|---|---|
| COUNT | アクセス回数 |
| MIN | URIへのアクセスにかかる最小アクセス時間 |
| MAX | URIへのアクセスにかかる最大アクセス時間 |
| SUM | URIへアクセスするのにかかった時間の合計 |
| AVG | URIへアクセスするのにかかった時間の平均 |
| P1 | 1パーセンタイル値 |
| P50 | 50パーセンタイル値 |
| P99 | 99パーセンタイル値 |
| STDDEV | 応答時間の標準偏差 |
| MIN(BODY) | そのURIが返した最小のボディサイズ |
| MAX(BODY) | そのURIが返した最大のボディサイズ |
| SUM(BODY) | そのURIが返したボディサイズの合計 |
| AVG(BODY) | そのURIが返したボディサイズの平均 |
| METHOD | 呼び出したメソッドの種類 |
| URI | 計測したURI |
間違っていたら指摘してください. パーセンタイル値って初めて知りましたね…
