Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    24.4.0
    24.4.0

    Nginx

    Nginx

    The Nginx plugin lets you monitor a number of metrics on your reverse proxy server. If you can not find this plugin in the /usr/lib/fm-agent/plugins folder, then your version of the Agent is out of date and you should update it to gain access to this feature.

    Nginx Configuration

    In order to monitor Nginx, you will need to edit the default site file. This file will be found in the /etc/nginx/sites-enabled/ folder. Only Ubuntu/Debian flavors have these folders out of the box. By default, CentOS does not create these folders. If you are using nginx-conf to set the configuration for each of your websites, enable Nginx Status Page on each one by updating the code inside the server { } block as follows: 

    location /nginx_status {
    stub_status on;
    allow 127.0.0.1;
    deny all;
    access_log off;
    }

    Sample Nginx configuration file

    server {

    listen 80 default_server;

    listen [::]:80 default_server;

    server_name _;

    root /usr/share/nginx/html;

    # Load configuration files for the default server block.

    include /etc/nginx/default.d/*.conf;

    # include /etc/nginx/sites-enabled/*.conf;

    location / {

    }

    error_page 404 /404.html;

    location = /40x.html {

    }

    error_page 500 502 503 504 /50x.html;

    location = /50x.html {

    }

    location /nginx_status {

    stub_status on;

    allow 127.0.0.1;

    deny all;

    access_log off;

    }

    }

    Log File Access

    To monitor 2xx / 3xx / 4xx request count, the FortiMonitor Agent user needs to be able to read the server's Nginx access log file. It is typically found at /var/log/nginx/access.log, though you can consult your nginx.conf file for confirmation. It's typically located at etc/nginx/nginx.conf, though it may also be at /usr/local/nginx/conf/nginx.conf or /usr/local/etc/nginx/nginx.conf.

    Agent Configuration

    You can optionally override a set of parameters related to your Nginx installation.

    • console_url: Base location of your Nginx status endpoint - typically http://127.0.0.1, which will be composed into http://127.0.0.1/nginx_status

    • log_location: Path to your Nginx access.log - defaults to /var/log/nginx/access.log

    [nginx]
    console_url = http://127.0.0.1
    log_location = /var/log/nginx/access.log

    Control Panel Configuration

    If you have not already, read the Add FortiMonitor Agent checks article to learn how to set up monitoring for any Agent plugin. To use the Nginx plugin, first select Nginx from the monitoring catalog.

    There are a number of metrics available to monitor.

    Metric

    Unit

    Requests per second

    requests per second

    Accepted connections

    connections

    Handled connections

    connections

    Active connections

    connections

    Request handles

    requests

    Read request body

    Read request header

    2xx's

    requests

    4xx's

    requests

    5xx's

    requests

    Previous
    Next

    Nginx

    Nginx

    The Nginx plugin lets you monitor a number of metrics on your reverse proxy server. If you can not find this plugin in the /usr/lib/fm-agent/plugins folder, then your version of the Agent is out of date and you should update it to gain access to this feature.

    Nginx Configuration

    In order to monitor Nginx, you will need to edit the default site file. This file will be found in the /etc/nginx/sites-enabled/ folder. Only Ubuntu/Debian flavors have these folders out of the box. By default, CentOS does not create these folders. If you are using nginx-conf to set the configuration for each of your websites, enable Nginx Status Page on each one by updating the code inside the server { } block as follows: 

    location /nginx_status {
    stub_status on;
    allow 127.0.0.1;
    deny all;
    access_log off;
    }

    Sample Nginx configuration file

    server {

    listen 80 default_server;

    listen [::]:80 default_server;

    server_name _;

    root /usr/share/nginx/html;

    # Load configuration files for the default server block.

    include /etc/nginx/default.d/*.conf;

    # include /etc/nginx/sites-enabled/*.conf;

    location / {

    }

    error_page 404 /404.html;

    location = /40x.html {

    }

    error_page 500 502 503 504 /50x.html;

    location = /50x.html {

    }

    location /nginx_status {

    stub_status on;

    allow 127.0.0.1;

    deny all;

    access_log off;

    }

    }

    Log File Access

    To monitor 2xx / 3xx / 4xx request count, the FortiMonitor Agent user needs to be able to read the server's Nginx access log file. It is typically found at /var/log/nginx/access.log, though you can consult your nginx.conf file for confirmation. It's typically located at etc/nginx/nginx.conf, though it may also be at /usr/local/nginx/conf/nginx.conf or /usr/local/etc/nginx/nginx.conf.

    Agent Configuration

    You can optionally override a set of parameters related to your Nginx installation.

    • console_url: Base location of your Nginx status endpoint - typically http://127.0.0.1, which will be composed into http://127.0.0.1/nginx_status

    • log_location: Path to your Nginx access.log - defaults to /var/log/nginx/access.log

    [nginx]
    console_url = http://127.0.0.1
    log_location = /var/log/nginx/access.log

    Control Panel Configuration

    If you have not already, read the Add FortiMonitor Agent checks article to learn how to set up monitoring for any Agent plugin. To use the Nginx plugin, first select Nginx from the monitoring catalog.

    There are a number of metrics available to monitor.

    Metric

    Unit

    Requests per second

    requests per second

    Accepted connections

    connections

    Handled connections

    connections

    Active connections

    connections

    Request handles

    requests

    Read request body

    Read request header

    2xx's

    requests

    4xx's

    requests

    5xx's

    requests

    Previous
    Next