背景:
最近貨運倉庫訪問伺服器有超時的情況。
需求:
需要抓到客戶端訪問請求的具體id和其耗時。
解決:
1、使用倉庫伺服器中的一台虛機作為代理,讓操作客戶端通過代理訪問服務端,通過日誌記錄具體的請求信息和響應耗時。
在代理伺服器上安裝squid
yum -y install squid
cat >> /etc/squid/squid.conf << EOF
logformat combined %tl %6tr %>a "%rm %ru %rp HTTP/%rv" %>Hs %<st %Ss:%Sh/%<a
access_log /var/log/squid/access.log combined
EOF
systemctl enable squid --now具體的logformat釋義如下:
ts Seconds since epoch
tu subsecond time (milliseconds)
tr Response time (milliseconds)
>a Client source IP address
ui User name from ident
un A user name. Expands to the first available name
from the following list of information sources:
– authenticated user name, like %ul
– user name supplied by an external ACL, like %ue
– SSL client name, like %us
– ident user name, like %ui
tl Local time. Optional strftime format argument
default %d/%b/%Y:%H:%M:%S %z
[http::]rm Request method (GET/POST etc)
[http::]ru Request URL from client (historic, filtered for logging)
rp Request URL path excluding hostname
[http::]rv Request protocol version
[http::]>Hs HTTP status code sent to the client
[http::]<st Total size of reply sent to client (after adaptation)
[http::]>h Original received request header.
Usually differs from the request header sent by
Squid, although most fields are often preserved.
Accepts optional header field name/value filter
argument using name[:[separator]element] format.
Ss Squid request status (TCP_MISS etc)
Sh Squid hierarchy status (DEFAULT_PARENT etc)
在客戶端pc上設置代理伺服器:
l 直接搜索「代理」 ,點擊「代理伺服器設置」。
l 打開使用代理;輸入代理伺服器設置10.168.79.227 3128,並保存。關閉代理則將開關置為關即可。
l 打開客戶端能進行正常操作即配置成功。
在伺服器上/var/log/squid/access.log的輸出日誌如下,
通過filebeat採集到內網elk。
能通過各種維度分析請求的數據,比如分析url請求耗時的統計排序,請求耗時分布等,非常有助於分析系統問題!
原創文章,作者:投稿專員,如若轉載,請註明出處:https://www.506064.com/zh-tw/n/233027.html
微信掃一掃 
支付寶掃一掃 