initial commit

1 files changed, 65 insertions, 0 deletions

diff --git a/blog/2023-06-08-goaccess-geoip.org b/blog/2023-06-08-goaccess-geoip.org
new file mode 100644
index 0000000..b3224fb
--- /dev/null
+++ b/blog/2023-06-08-goaccess-geoip.org
@@ -0,0 +1,65 @@
++++
+date = 2023-06-08T22:05:00Z
+title = "Inspecting Nginx Logs with GoAccess and MaxMind GeoIP Data"
+description = ""
++++
+
+## Overview
+
+[GoAccess](https://goaccess.io/) is an open source real-time web log analyzer 
+and interactive viewer that runs in a terminal in *nix systems or through your 
+browser.
+
+## Installation
+
+To start, you'll need to install GoAccess for your OS. Here's an example for 
+Debian-based distros:
+
+```bash
+sudo apt install goaccess
+```
+
+Next, find any number of the MaxMind GeoIP database files on GitHub or another 
+file hosting website. We're going to use P3TERX's version in this example:
+
+```bash
+wget https://github.com/P3TERX/GeoLite.mmdb/raw/download/GeoLite2-City.mmdb
+```
+
+Be sure to save this file in an easy to remember location!
+
+## Usage
+
+In order to utilize the full capabilities of GoAccess and MMDB, start with the 
+command template below and customize as necessary. This will export an HTML 
+view of the GoAccess dashboard, showing all relevant information related to 
+that site's access log. You can also omit the `-o output.html` parameter if you 
+prefer to view the data within the CLI instead of creating an HTML file.
+
+With the addition of the GeoIP Database parameter, section `16 - Geo Location` 
+will be added with the various countries that are associated with the collected 
+IP addresses.
+
+```bash
+zcat /var/log/nginx/example.access.log.*.gz | goaccess     \
+--geoip-database=/home/user/GeoLite2-City.mmdb             \
+--date-format=%d/%b/%Y                                     \
+--time-format=%H:%M:%S                                     \
+--log-format=COMBINED                                      \
+-o output.html                                             \
+/var/log/nginx/example.access.log -
+```
+
+### Example Output
+
+See below for an example of the HTML output:
+
+![GoAccess HTML](https://img.0x4b1d.org/blog/20230608-goaccess/goaccess-dashboard.png "GoAccess HTML")
+
+You can also see the GeoIP card created by the integration of the MaxMind 
+database information.
+
+![GoAccess GeoIP](https://img.0x4b1d.org/blog/20230608-goaccess/goaccess-geoip.png "GoAccess GeoIP")
+
+That's all there is to it! 
+Informational data is provided in an organized fashion with minimal effort.