How To Configure Logging and Log Rotation in Nginx on an Ubuntu VPS

Introduction

To save yourself some trouble with your web server, you can configure logging. Logging information on your server gives you access to the data that will help you troubleshoot and assess situations as they arise.

In this tutorial, you will examine Nginx’s logging capabilities and discover how to configure these tools to best serve your needs. You will use an Ubuntu 22.04 virtual private server as an example, but any modern distribution should function similarly.

Prerequisites to Configure Logging and Log Rotation in Nginx

To follow this tutorial, you will need:

  • One Ubuntu 22.04 server with a non-root sudo-enabled user with a firewall. Follow our Initial Server Setup to get started.
  • Nginx installed on the server. Follow our How to Install Nginx on Ubuntu 22.04 tutorial to get it installed.

With Nginx running on your Ubuntu 22.04 server, you’re ready to begin.

Understanding the error_log Directive

Nginx uses a few different directives to control system logging. The one included in the core module is called error_log.

error_log Syntax

The error_log directive is used to handle logging general error messages. If you are familiar with Apache, this is very similar to Apache’s ErrorLog directive.

The error_log directive applies the following syntax:


/etc/nginx/nginx.conf
error_log log_file log_level
  

The log_file specifies the file where the logs will be written. The log_level specifies the lowest level of logging that you would like to record.

Logging Levels for Configure Logging and Log Rotation in Nginx

The error_log directive can be configured to log more or less information as required. The level of logging can be any one of the following:

  • emerg: Emergency situations where the system is in an unusable state.
  • alert: Severe situations where action is needed promptly.
  • crit: Important problems that need to be addressed.
  • error: An error has occurred and something was unsuccessful.
  • warn: Something out of the ordinary happened, but is not a cause for concern.
  • notice: Something normal, but worth noting what has happened.
  • info: An informational message that might be nice to know.
  • debug: Debugging information that can be useful to pinpoint where a problem is occurring.

The levels higher on the list are considered a higher priority. If you specify a level, the log captures that level, and any level higher than the specified level.

For example, if you specify error, the log will capture messages labeled error, crit, alert, and emerg.

An example of this directive in use is inside the main configuration file. Use your preferred text editor to access the following configuration file. This example uses nano:

sudo nano /etc/nginx/nginx.conf

Scroll down the file to the # Logging Settings section and notice the following directives:


/etc/nginx/nginx.conf
. . .
##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
. . .
  

If you do not want the error_log to log anything, you must send the output into /dev/null:


/etc/nginx/nginx.conf
. . .
error_log /dev/null crit;
. . .
  

The other logging directive, access_log, will be discussed in the following section.

Understanding HttpLogModule Logging Directives to Configure Logging and Log Rotation in Nginx

While the error_log directive is part of the core module, the access_log directive is part of the HttpLogModule. This provides the ability to customize the logs.

log_format Directive

The log_format directive is used to describe the format of a log entry using plain text and variables. There is one format that comes predefined with Nginx called combined. This is a common format used by many servers.

The following is an example of the combined format:


/etc/nginx/nginx.conf
log_format combined '$remote_addr - $remote_user [$time_local]  '
		    '"$request" $status $body_bytes_sent '
		    '"$http_referer" "$http_user_agent"';
  

The lines beginning with a dollar sign ($) indicate variables, while the characters like -, [, and ] are interpreted literally.

Understanding the access_log Directive

The access_log directive uses similar syntax to the error_log directive but is more flexible. It is used to configure custom logging.


/etc/nginx/nginx.conf
access_log /path/to/log/location [ format_of_log buffer_size ];
  

You can use any format defined by a log_format definition. The buffer size is the maximum size of data that Nginx will hold before writing it all to the log.

Managing a Log Rotation

As log files grow, it becomes necessary to manage the logging mechanisms to avoid filling up your disk space. Log rotation is the process of switching out log files and possibly archiving old files for a set amount of time.

Manual Log Rotation: To manually rotate your logs, move the current log to a new file:

mv /path/to/access.log /path/to/access.log.0

Log Rotation with logrotate

The logrotate application is a program used to rotate logs. It is installed on Ubuntu by default, and Nginx on Ubuntu comes with a custom logrotate script:

sudo nano /etc/logrotate.d/nginx

Ensure the configuration matches your log paths and rotation requirements.

Conclusion for Configure Logging and Log Rotation in Nginx

Proper log configuration and management can save you time and energy in the event of a problem with your server. This guide serves as an introduction to logging with Nginx. For more tips, check out our tutorial on How To Troubleshoot Common Nginx Errors.