GUI services in the system log are filled with nginx messages
-
@willemb said in GUI services in the system log are filled with nginx messages:
Thanks fireodo.
Glad you made it!
-
@fireodo That worked perfectly! Thanks!
-
@fireodo So this is the line I see
access_log syslog:server=unix:/var/run/log,facility=local5 combined;
I should change it to
access_log off; #syslog:server=unix:/var/run/log,facility=local5 combined;
-
@troysjanda said in GUI services in the system log are filled with nginx messages:
should change it to
access_log off; #syslog:server=unix:/var/run/log,facility=local5 combined;Looks OK
-
-
-
-
-
-
-
I've kept this log activated. I just filtered it on "newsyslog" for the process. Over the last 2 days, my default (500k) sized logs have "turned over" 10 times:
In all my other logs, I've got two of them where they've turned over twice (each).
-
@areckethennu said in GUI services in the system log are filled with nginx messages:
Over the last 2 days, my default (500k) sized logs have "turned over" 10 times:
5 times? newsyslog is always listed twice in a row, looking at the times, not sure why and haven't looked into it.
Do you leave your dashboard page visible? The web server logs all HTTP requests so the dashboard will generate a lot as it updates widgets.
Looking at a few routers we manage the log file turnover seems to range between a few days to a week, to several months, so I would think it just depends on how busy the router's web GUI is. As I mentioned above this log existed in prior versions as well. I suppose it's possible the dashboard or GUI makes more web requests in this version but that seems unlikely to be a significant difference to me, especially if the web GUI isn't being used a lot.
-
@steveits I was actually using the WebGUI yesterday and the day ended with that log turning over 10 times for that day, alone. And, yes, I don't usually use the WebGUI all that much, but there seems to be an awful lot more entries than I remember.
Anyway, I opened a bug report on it:
https://redmine.pfsense.org/issues/12833
But, they explained that it was necessary for security logging and closed it. I understand that perfectly. It's just a bit bothersome.
-
Other solutions :
Instead of looking at the dashboard page, look somewhere else, like the logs files page.
The dashboard page takes a lot of resource to create.Also : consider sending the logs to a remote syslog server, create one on your LAN.
Another solution :
Instead of disabling the logging, read what is proposed here :
Enabling Conditional Logging
The example shows how to excludes requests with HTTP status codes 2xx (Success) and 3xx (Redirection).
So the ordinary page requests will not get logged, but errors etc will. -
@gertjan how to deploy this in pfsense
map $status $loggable { ~^[23] 0; default 1; } access_log /path/to/access.log combined if=$loggable;
-
@areckethennu said in GUI services in the system log are filled with nginx messages:
I've kept this log activated. I just filtered it on "newsyslog" for the process. Over the last 2 days, my default (500k) sized logs have "turned over" 10 times:
In all my other logs, I've got two of them where they've turned over twice (each).
That answer to keeping these out of syslog is to go to System Logs > Setting, and then uncheck "Everything" at the bottom in the section called "Remote Syslog Contents". You can check everything else, but having Everything checked drops all the GUI to syslog.
Seems there should be a checkbox for GUI service.
-
@troysjanda Did you ever figure out how to implement this? I don't need every page load logged, but logging errors would be useful.
-
@GPz1100 this is an old thread. Consider creating a new post.
Regards.
-
I just disabled it and it made the problem go away. I unfortunately can't provide much other info as I moved to OPNsense right after Netgate kindly revoked my "Lifetime" license they granted me 10 months earlier as a home user.... OPN is better supported IMO, open source, and not driven by greed. :)
-
@madfuzker Understood. I disabled it too as it seems the log content isn't very useful unless there's a problem.
As for the license changes; well, that's a topic for another thread :). I passed on opn for other reasons.
@VioletDragon So what if it's an old thread. The concern was never adequately addressed. A welcomed solution would be to have a loglevel option in the gui. Want everything, no problem, want errors only, we can do that too.