Hi,
My Nginx has:
- its access_log set to write files under /var/log/nginx, and
- its error_log set to send errors, warnings, etc. to systemd-journald.
I do _not_ wish to divert my whole access.log to systemd-journald.
However, I would like to send the most significant parts, where security
is concerned, that is: failed requests (ie. a selection of HTTP statuses),
and login attempts (ie. a selection of URL patterns).
Is there a LUA stage (maybe set_by_lua? or log_by_lua?) where I can see
the requested URL and the HTTP status, whatever the status is, including
404? This would allow me to custom-log what I want.
Last I tried lua-nginx-module, I used access_by_lua, and 404 errors were
returned to the browser before the LUA code came into play...
Sincerely,
Yves.