Instantly share code, notes, and snippets.

Embed
What would you like to do?
Anonymized nginx server logs
## A simple solution how to anonymize nginx server logs
##
## WARNING: Please be aware that error logs can still leak client's ip address,
## currently I am not aware of any way around that except turning error logs off completely.
##
http {
#(...)
map $remote_addr $anon_remote_addr {
"~^(?<ip_a>\d+\.\d+)\.\d+\.\d+" "$ip_a";
}
log_format combined_anon '$anon_remote_addr.0.0 - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
# Set it globally
access_log /var/log/nginx/access.log combined_anon;
#(...)
}
## Or In the server context
server {
#(...)
access_log /var/log/nginx/sever.log combined_anon;
#(..)
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment