Statistics
Contents |
Synopsis
The ngx_http_statistics module has the functionality that collects traffic and attack statistics in SEnginx.
Since all statistics data is stored in memory, if SEnginx quits, the statistics data will be discarded. Reloading SEnginx doesn't have this issue.
Currently the following items are supported:
Traffic Statistics
- How many requests are in progress ("cur_rec")
- How many requests have been processed by the server since it launched ("rec")
- How many responses are sent by the server based on response code ("res_Nxx")
- How many bytes are sent by the server ("sent")
- How many bytes are received by the server ("recvd")
Traffic statistics only available on the server side, upstream side is not supported yet.
Attack Statistics
- SQL Injection ("sql") processed by Naxsi
- Cross Site Scripting ("xss") processed by Naxsi
- Remote File Inclusion ("rfi") processed by Naxsi
- Dir Traversal ("dt") processed by Naxsi
- Evading Tricks ("evade") processed by Naxsi
- File Uploads Threat ("fu") processed by Naxsi
- Libinjection XSS ("libinjection_xss") processed by Naxsi (since senginx 1.8.1)
- Libinjection SQL ("libinjection_sql") processed by Naxsi (since senginx 1.8.1)
- Cookie Poisoning ("cp")
- Web Defacement ("wd")
- Robot Mitigation Challenges ("rm")
Whether the attack types above are available or not depends on whether the corresponding feature is enabled in the configuration or not. Currently attacks reported by ModSecurity are not supported.
This feature is available since SEnginx 1.5.14
Directives
statistics_zone
| Syntax | statistics_zone size; |
| Default | - |
| Context | http |
Create a statistics shared memory zone. The size parameter specifies the size of the zone
Example:
statistics_zone 10m;
The servers that need to be under statistics should be configured with "virtual_server_name" directive to specify a unique name. That name usually is the same as the server_name. If "virtual_server_name" is not specified, the server will be excluded from the statistics functionality.
Example:
statistics_zone 10m;
server {
listen 80;
server_name www.abc.com;
virtual_server_name www.abc.com;
...
}
statistics
| Syntax | statistics; |
| Default | - |
| Context | location |
Specifies the location that responses for the statistics data.
Example:
location /stats {
statistics;
}
Data Format
Statistics has JSON format:
v {
"timestamp":123455678,
"servers":[
{
"name":"server1",
"traffic":{"cur_req":10,"req":100,"res_2xx":50,"res_3xx":20,"res_4xx":15,
"res_5xx":15,"sent":1453,"recvd":3541},
"attack":{"sql":10,"xss":10,"rfi":5,"dt":2,"evade":1,"fu":1,"libinjection_xss":0,"libinjection_sql":0,"cp":1,"wd":3,
"rm":50,"other":0}
},
{
"name":"server2",
"traffic":{"cur_req":10,"req":100,"res_2xx":50,"res_3xx":20,"res_4xx":15,
"res_5xx":15,"sent":1453,"recvd":3541},
"attack":{"sql":10,"xss":10,"rfi":5,"dt":2,"evade":1,"fu":1,"libinjection_xss":0,"libinjection_sql":0,"cp":1,"wd":3,
"rm":50,"other":0}
},
...]
}
Demo Statistics
Look at /html/demo.html.
