Opened 4 years ago
Closed 4 years ago
#2064 closed defect (invalid)
$time_iso8601 not set or invalid value?
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | documentation | Version: | 1.19.x |
| Keywords: | Cc: | ||
| uname -a: | Linux HOST.DOMAIN.TLD 4.15.0-112-generic #113-Ubuntu SMP Thu Jul 9 23:41:39 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.14.0 (Ubuntu)
built with OpenSSL 1.1.1 11 Sep 2018 (running with OpenSSL 1.1.1g 21 Apr 2020) TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-GkiujU/nginx-1.14.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_flv_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_mp4_module --with-http_perl_module=dynamic --with-http_random_index_module --with-http_secure_link_module --with-http_sub_module --with-http_xslt_module=dynamic --with-mail=dynamic --with-mail_ssl_module --with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-headers-more-filter --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-auth-pam --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-cache-purge --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-dav-ext --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-ndk --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-echo --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-fancyindex --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/nchan --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-lua --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/rtmp --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-uploadprogress --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-upstream-fair --add-dynamic-module=/build/nginx-GkiujU/nginx-1.14.0/debian/modules/http-subs-filter |
||
Description
Maybe this is weird configuration error on my part (it usually is), but..
I am splitting logs like this:
server {
# ... other directives
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
}
access_log /home/$username/log/$year-$month-$day-access.log;
}
This is not inside location directive, so "IF is evil" shouldn't count.
And it works most of the time, but I keep finding these logfiles that are named ---access.log. For example, small website had 28746 requests and 30 requests that have been logged into ---access.log, all the other requests are just fine YYYY-MM-DD-access.log files, which would mean the regex doesn't match and the variables don't get set.
So technically, there is somewhere a scenario in which $time_iso8601 has value that doesn't match regex or doesn't have value at all.
The logfile itself is ok. Weirdly Let's Encrypt validation server seems to get logged there (with HTTP code 200), most others seem to be invalid requests with HTTP code 400.
There are obvious cases when such a configuration would result in $year/$month/$day variables not being set, for example, request parsing errors, such as 400. Why Let's Encrypt validation ends up in the same log needs more detailed information on how it is implemented, most likely the reason is that something in "other directives" stops rewrite directive processing, so the "if" in question is not executed.
A better (and the only which is going to work with errors) solution would be to use a map instead of trying to set variables using the "if" directive.
If you need additional help with configuring nginx, consider using support options available.