access_log to track failed logins

Antonio P.P. Almeida appa at perusio.net
Wed Dec 19 09:11:30 UTC 2012


> I have a login page that redirects (actually appends the parameter
> "?error=true" to the URL and lets the user try again).
>
> I was trying to re-define "access_log" with a full path and (for now)
> "combined" to a separate file in that location in hopes of tracking
> failed logins in a separate log.  Originally, I had a regex nested
> location for the error redirect, then I took it out and put it in its
> own location.  Nothing seems to work.
>
> This doesn't seem to work at all.  An empty log gets created at startup,
> but nothing ever gets written there.  Is it because the access logging
> is already done by the time the location is determined?
>
> How can I somehow log when someone accesses the "login" page with the
> "error=true" parameter on the URL?

Try at the http level:

map $arg_error $log_error {
   default 0;
   true 1;
}

and at the server level:

error_page 418 @log-error;

if ($log_error) {
    return 418;
}

location @log-error {
    access_log my_special.log;
}


--appa



More information about the nginx mailing list