Clarification on log format used by Elastic's NGINX Integration

Hi,

I'm currently utilizing Elastic's NGINX integration to collect and analyze my server logs. Could someone clarify which log format this integration expects by default? Is it compatible with NGINX's default "combined" log format, or does it require a specific custom format?

Thank you!

As mentioned in the Nginx integration overview:

The Nginx integration allows you to monitor Nginx servers. Time series index mode enabled for metrics data stream.

Use the Nginx integration to collect metrics and logs from your server. Then visualize that data in Kibana, use the Machine Learning app to find unusual activity in HTTP access logs, create alerts to notify you if something goes wrong, and reference data when troubleshooting an issue.

Hi @yago82

Yes, it should support the standard combined format. Is this not your experience?

Here is detailed information


Hi Stephen,

Thank you for the information and documentation. I just need to test it now because, unless I missed it, I don't see a reference to the default or combined log format. Unfortunately, the examples also lack event.original, which would have been useful as a reference. It might be helpful to have a clear mention of the tested log format in the documentation—again, unless I overlooked it.

Thanks again!

The logs used in the tests for the integration are in the GitHub repository.

For example, the access logs for Nginx will be here.

You have the raw log examples and the expected output.

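A local check for the format discussed in this thread, added here as an example and not part of any post or of Elastic's integration: it tests access-log lines against NGINX's predefined `combined` format and maps matching lines to ECS field names. The regex, the field mapping, the function names and the sample lines are constructed for illustration and are assumptions, not the integration's ingest pipeline.

```python
import re
from datetime import datetime

# NGINX's predefined "combined" log_format:
#   $remote_addr - $remote_user [$time_local] "$request" $status
#   $body_bytes_sent "$http_referer" "$http_user_agent"
# With default escaping NGINX writes '"' inside a variable as \x22, so [^"]* is safe.
COMBINED = re.compile(
    r'^(?P<addr>\S+) - (?P<user>\S+) '
    r'\[(?P<time>\d{2}/\w{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4})\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\d+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

def parse_combined(line):
    """Map one combined-format line to ECS-style fields; None if it does not match."""
    line = line.rstrip("\n")
    m = COMBINED.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m["time"], "%d/%b/%Y:%H:%M:%S %z")
    doc = {
        "event.original": line,
        "@timestamp": ts.isoformat(),
        "source.address": m["addr"],
        "http.response.status_code": int(m["status"]),
        "http.response.body.bytes": int(m["bytes"]),
        "user_agent.original": m["agent"],
    }
    if m["user"] != "-":
        doc["user.name"] = m["user"]
    if m["referer"] != "-":
        doc["http.request.referrer"] = m["referer"]
    # $request is normally "METHOD target HTTP/x.y". Malformed requests are logged
    # verbatim, so keep the line and skip the split instead of rejecting it.
    parts = m["request"].split(" ")
    if len(parts) == 3 and parts[2].startswith("HTTP/"):
        doc["http.request.method"], doc["url.original"] = parts[0], parts[1]
        doc["http.version"] = parts[2][5:]
    return doc

def nonconforming(lines):
    """1-based numbers of the lines that are not in combined format."""
    return [n for n, l in enumerate(lines, 1) if parse_combined(l) is None]
# Constructed sample lines (documentation IP ranges), not taken from any real log.
SAMPLES = [
    '203.0.113.7 - - [10/May/2024:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "curl/8.5.0"',
    '198.51.100.23 - alice [10/May/2024:13:55:40 +0200] "POST /login HTTP/1.1" 302 0 "https://example.com/" "Mozilla/5.0 (X11; Linux x86_64)"',
    r'203.0.113.9 - - [10/May/2024:13:56:01 +0000] "\x16\x03\x01" 400 157 "-" "-"',
    '203.0.113.7 - - [10/May/2024:13:56:05 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/8.5.0" 0.004',
]
```

The fourth sample carries an extra trailing field, as a custom `log_format` with `$request_time` appended would, and is the only one reported by `nonconforming(SAMPLES)`.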