Statistics

From SEnginx
Jump to: navigation, search

Contents

Synopsis

The ngx_http_statistics module has the functionality that collects traffic and attack statistics in SEnginx. Currently the following items are supported:

Traffic Statistics

  • Current Request, how many requests are in progress
  • Total Request, which means since SEnginx launches, how many requests have been processed by the server
  • Response, which means since SEnginx launches, how any responses are sent by the server based on response code
  • Sent, which means how many bytes are sent by the server
  • Recvd, which means how many bytes are received by the server

Traffic statistics only available on the server side, upstream side is not supported yet.

Attack Statistics

  • SQL Injection
  • Cross Site Scripting
  • Remote File Inclusion
  • Dir Traversal
  • Evading Tricks
  • File Uploads Threat
  • Cookie Poisoning
  • Web Defacement
  • Robot Mitigation Challenges

Whether the attack types above are available or not depends on whether the corresponding feature is enabled in the configuration or not. Currently attacks reported by ModSecurity are not supported.
Demonstration address of ngx_http_statistics module is at: http://demo.senginx.org
This feature is available since SEnginx 1.5.14

Directives

statistics_zone

Syntax statistics_zone size
Default -
Context http

Create a statistics shared memory zone. The size parameter specifies the size of the zone
Example:

statistics_zone 10m;

The servers that need to be under statistics should be configured with "virtual_server_name" directive to specify a unique name. That name usually is the same as the server_name. If "virtual_server_name" is not specified, the server will be excluded from the statistics functionality.
Example:

statistics_zone 10m;

server {
    listen 80;
    server_name www.abc.com;

    virtual_server_name www.abc.com;

    ...
}

statistics

Syntax statistics
Default -
Context location

Specifies the location that responses for the statistics data.
Example:

location /stats {
    statistics;
}


Data Format

Only JSON format is supported at current stage:

 {
 "timestamp":123455678,
 "servers":[
 {
   "name":"server1",
   "traffic":{"cur_req":10,"req":100,"res_2xx":50,"res_3xx":20,"res_4xx":15,
              "res_5xx":15,"sent":1453,"recvd":3541},
   "attack":{"sql":10,"xss":10,"rfi":5,"dt":2,"evade":1,"fu":1,"cp":1,"wd":3,
             "rm":50,"other":0}
  },
  {
   "name":"server2",
   "traffic":{"cur_req":10,"req":100,"res_2xx":50,"res_3xx":20,"res_4xx":15,
              "res_5xx":15,"sent":1453,"recvd":3541},
   "attack":{"sql":10,"xss":10,"rfi":5,"dt":2,"evade":1,"fu":1,"cp":1,"wd":3,
             "rm":50,"other":0}
  },
  ...]
 }

Since all statistics data is stored in memory, if SEnginx quits, the data will be discarded. Reloading SEnginx doesn't have this issue.

Personal tools
Namespaces

Variants
Actions
Navigation
In other languages
Toolbox