Fortinet Document Library

Version:


Table of Contents

User Guide

21.4.0
Copy Link

Nginx

The Nginx plugin lets you monitor a number of metrics on your reverse proxy server. If you can not find this plugin in the /usr/lib/panopta-agent/plugins folder, then your version of the Agent is out of date and you should update it to gain access to this feature.

Nginx Configuration 

In order to monitor Nginx, you will need to edit the default site file. This file will be found in the /etc/nginx/sites-enabled/ folder. Only Ubuntu/Debian flavors have these folders out of the box. By default, CentOS does not create these folders. If you are using nginx-conf to set the configuration for each of your websites, enable Nginx Status Page on each one by updating the code inside the server { } block as follows: 

location /nginx_status {
stub_status on;
allow 127.0.0.1;
deny all;
access_log off;
}

Sample Nginx configuration file

server {

listen 80 default_server;

listen [::]:80 default_server;

server_name _;

root /usr/share/nginx/html;

# Load configuration files for the default server block.

include /etc/nginx/default.d/*.conf;

# include /etc/nginx/sites-enabled/*.conf;

location / {

}

error_page 404 /404.html;

location = /40x.html {

}

error_page 500 502 503 504 /50x.html;

location = /50x.html {

}

location /nginx_status {

stub_status on;

allow 127.0.0.1;

deny all;

access_log off;

}

}

Log File Access

To monitor 2xx / 3xx / 4xx request count, the FortiMonitor Agent user needs to be able to read the server's Nginx access log file. It is typically found at /var/log/nginx/access.log, though you can consult your nginx.conf file for confirmation. It's typically located at etc/nginx/nginx.conf, though it may also be at /usr/local/nginx/conf/nginx.conf or /usr/local/etc/nginx/nginx.conf.

Agent Configuration 

You can optionally override a set of parameters related to your Nginx installation.

  • console_url: Base location of your Nginx status endpoint - typically http://127.0.0.1, which will be composed into http://127.0.0.1/nginx_status

  • log_location: Path to your Nginx access.log - defaults to /var/log/nginx/access.log

[nginx]
console_url = http://127.0.0.1
log_location = /var/log/nginx/access.log

Control Panel Configuration 

If you have not already, read the Add FortiMonitor Agent checks article to learn how to set up monitoring for any Agent plugin. To use the Nginx plugin, first select Nginx from the monitoring catalog.

There are a number of metrics available to monitor.

Metric

Unit

Requests per second

requests per second

Accepted connections

connections

Handled connections

connections

Active connections

connections

Request handles

requests

Read request body

Read request header

2xx's

requests

4xx's

requests

5xx's

requests

Nginx

The Nginx plugin lets you monitor a number of metrics on your reverse proxy server. If you can not find this plugin in the /usr/lib/panopta-agent/plugins folder, then your version of the Agent is out of date and you should update it to gain access to this feature.

Nginx Configuration 

In order to monitor Nginx, you will need to edit the default site file. This file will be found in the /etc/nginx/sites-enabled/ folder. Only Ubuntu/Debian flavors have these folders out of the box. By default, CentOS does not create these folders. If you are using nginx-conf to set the configuration for each of your websites, enable Nginx Status Page on each one by updating the code inside the server { } block as follows: 

location /nginx_status {
stub_status on;
allow 127.0.0.1;
deny all;
access_log off;
}

Sample Nginx configuration file

server {

listen 80 default_server;

listen [::]:80 default_server;

server_name _;

root /usr/share/nginx/html;

# Load configuration files for the default server block.

include /etc/nginx/default.d/*.conf;

# include /etc/nginx/sites-enabled/*.conf;

location / {

}

error_page 404 /404.html;

location = /40x.html {

}

error_page 500 502 503 504 /50x.html;

location = /50x.html {

}

location /nginx_status {

stub_status on;

allow 127.0.0.1;

deny all;

access_log off;

}

}

Log File Access

To monitor 2xx / 3xx / 4xx request count, the FortiMonitor Agent user needs to be able to read the server's Nginx access log file. It is typically found at /var/log/nginx/access.log, though you can consult your nginx.conf file for confirmation. It's typically located at etc/nginx/nginx.conf, though it may also be at /usr/local/nginx/conf/nginx.conf or /usr/local/etc/nginx/nginx.conf.

Agent Configuration 

You can optionally override a set of parameters related to your Nginx installation.

  • console_url: Base location of your Nginx status endpoint - typically http://127.0.0.1, which will be composed into http://127.0.0.1/nginx_status

  • log_location: Path to your Nginx access.log - defaults to /var/log/nginx/access.log

[nginx]
console_url = http://127.0.0.1
log_location = /var/log/nginx/access.log

Control Panel Configuration 

If you have not already, read the Add FortiMonitor Agent checks article to learn how to set up monitoring for any Agent plugin. To use the Nginx plugin, first select Nginx from the monitoring catalog.

There are a number of metrics available to monitor.

Metric

Unit

Requests per second

requests per second

Accepted connections

connections

Handled connections

connections

Active connections

connections

Request handles

requests

Read request body

Read request header

2xx's

requests

4xx's

requests

5xx's

requests