Pretty sweet.
sudo apt-get install goaccess
Now I can say:
sudo goaccess -f /var/log/nginx/access.log
And see the analysis in the terminal. However apt-get is installing GoAccess version 0.6
and the current version is 1.0.2
. Not sure how to get a newer version with apt-get
so followed the manual installation instructions:
$ wget http://tar.goaccess.io/goaccess-1.0.2.tar.gz
$ tar -xzvf goaccess-1.0.2.tar.gz
$ cd goaccess-1.0.2/
$ ./configure --enable-geoip --enable-utf8
$ make
# make install
EXCEPT that I was not able to get --enable-geoip
flag to work:
checking for GeoIP_new in -lGeoIP... no
configure: error: *** Missing development files for the GeoIP library
Supposedly this was necessary for the utf8 option:
sudo apt-get install libncursesw5-dev
Wait…
apt-get install php5-geoip php5-dev libgeoip-dev
And:
./configure --enable-geoip --enable-utf8
Yay!
make
sudo make install
NOTE: One could install and use without GeoIP.
Now I need to add a time format to the goaccess.conf
file located at:
/usr/local/etc/goaccess.conf
Uncommented the first option:
# The following time format works with any of the
# Apache/NGINX's log formats below.
#
time-format %H:%M:%S
And Date format, Log format:
date-format %d/%b/%Y
log-format %h %^[%d:%t %^] "%r" %s %b
(or use this flag: --log-format=COMBINED
And finally:
$ sudo goaccess -f /var/log/nginx/access.log.1 -a -o report.html
Still haven’t got the websockets version working. Will aim to report back.
$ sudo goaccess -f /var/log/nginx/access.log -o report.html --real-time-html
Hmmm. Nothing. nothing. nothing. CTRL+C
$ sudo goaccess -f /var/log/nginx/access.log -o report.html --real-time-html
^CSIGINT caught!
Stopping WebSocket server...
Maybe I’m missing a step in:
“To output an HTML report and set the WebSocket server to listen on port 7890 and localhost.”
It seems like there would be some terminal output if there was actually listening going on.
$telnet site.com 7890
telnet: connect to address 45.55.xxx.xxx: Connection refused
Ah. Have to have something listening first.
$ sudo goaccess -f /var/log/nginx/access.log.1 -o /usr/share/nginx/www/report.html \\
--real-time-html --ws-url=domain.com
Parsing... [84] [0/s]
Now at least telnet makes a connection:
telnet domain.com 7890
Trying 45.55.xxx.xxx...
Connected to domain.com.
Escape character is '^]'.