diff options
Diffstat (limited to 'blog/2023-06-08-goaccess-geoip.org')
| -rw-r--r-- | blog/2023-06-08-goaccess-geoip.org | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/blog/2023-06-08-goaccess-geoip.org b/blog/2023-06-08-goaccess-geoip.org new file mode 100644 index 0000000..b3224fb --- /dev/null +++ b/blog/2023-06-08-goaccess-geoip.org @@ -0,0 +1,65 @@ ++++ +date = 2023-06-08T22:05:00Z +title = "Inspecting Nginx Logs with GoAccess and MaxMind GeoIP Data" +description = "" ++++ + +## Overview + +[GoAccess](https://goaccess.io/) is an open source real-time web log analyzer +and interactive viewer that runs in a terminal in *nix systems or through your +browser. + +## Installation + +To start, you'll need to install GoAccess for your OS. Here's an example for +Debian-based distros: + +```bash +sudo apt install goaccess +``` + +Next, find any number of the MaxMind GeoIP database files on GitHub or another +file hosting website. We're going to use P3TERX's version in this example: + +```bash +wget https://github.com/P3TERX/GeoLite.mmdb/raw/download/GeoLite2-City.mmdb +``` + +Be sure to save this file in an easy to remember location! + +## Usage + +In order to utilize the full capabilities of GoAccess and MMDB, start with the +command template below and customize as necessary. This will export an HTML +view of the GoAccess dashboard, showing all relevant information related to +that site's access log. You can also omit the `-o output.html` parameter if you +prefer to view the data within the CLI instead of creating an HTML file. + +With the addition of the GeoIP Database parameter, section `16 - Geo Location` +will be added with the various countries that are associated with the collected +IP addresses. + +```bash +zcat /var/log/nginx/example.access.log.*.gz | goaccess \ +--geoip-database=/home/user/GeoLite2-City.mmdb \ +--date-format=%d/%b/%Y \ +--time-format=%H:%M:%S \ +--log-format=COMBINED \ +-o output.html \ +/var/log/nginx/example.access.log - +``` + +### Example Output + +See below for an example of the HTML output: + + + +You can also see the GeoIP card created by the integration of the MaxMind +database information. + + + +That's all there is to it! +Informational data is provided in an organized fashion with minimal effort. |