Statistics
Contents |
Synopsis
The ngx_http_statistics module has the functionality that collects traffic and attack statistics in SEnginx. Currently the following items are supported:
Traffic Statistics
- Current Request, how many requests are in progress
- Total Request, which means since SEnginx launches, how many requests have been processed by the server
- Response, which means since SEnginx launches, how any responses are sent by the server based on response code
- Sent, which means how many bytes are sent by the server
- Recvd, which means how many bytes are received by the server
Traffic statistics only available on the server side, upstream side is not supported yet.
Attack Statistics
- SQL Injection
- Cross Site Scripting
- Remote File Inclusion
- Dir Traversal
- Evading Tricks
- File Uploads Threat
- Cookie Poisoning
- Web Defacement
- Robot Mitigation Challenges
Whether the attack types above are available or not depends on whether the corresponding feature is enabled in the configuration or not. Currently attacks reported by ModSecurity are not supported.
Demonstration address of ngx_http_statistics module is at: http://demo.senginx.org
This feature is available since SEnginx 1.5.14
Directives
statistics_zone
| Syntax | statistics_zone size |
| Default | - |
| Context | http |
Create a statistics shared memory zone. The size parameter specifies the size of the zone
Example:
statistics_zone 10m;
The servers that need to be under statistics should be configured with "virtual_server_name" directive to specify a unique name. That name usually is the same as the server_name. If "virtual_server_name" is not specified, the server will be excluded from the statistics functionality.
Example:
statistics_zone 10m;
server {
listen 80;
server_name www.abc.com;
virtual_server_name www.abc.com;
...
}
statistics
| Syntax | statistics |
| Default | - |
| Context | location |
Specifies the location that responses for the statistics data.
Example:
location /stats {
statistics;
}
Data Format
Only JSON format is supported at current stage:
{
"timestamp":123455678,
"servers":[
{
"name":"server1",
"traffic":{"cur_req":10,"req":100,"res_2xx":50,"res_3xx":20,"res_4xx":15,
"res_5xx":15,"sent":1453,"recvd":3541},
"attack":{"sql":10,"xss":10,"rfi":5,"dt":2,"evade":1,"fu":1,"cp":1,"wd":3,
"rm":50,"other":0}
},
{
"name":"server2",
"traffic":{"cur_req":10,"req":100,"res_2xx":50,"res_3xx":20,"res_4xx":15,
"res_5xx":15,"sent":1453,"recvd":3541},
"attack":{"sql":10,"xss":10,"rfi":5,"dt":2,"evade":1,"fu":1,"cp":1,"wd":3,
"rm":50,"other":0}
},
...]
}
Since all statistics data is stored in memory, if SEnginx quits, the data will be discarded. Reloading SEnginx doesn't have this issue.
