Debian服务器JS日志管理指南
在Debian服务器上管理JavaScript(主要为Node.js应用)日志,需围绕日志记录、存储、轮转、安全、集中管理与监控五大核心环节展开,以下是具体实施方案:
Node.js生态中有多种日志库,可根据项目规模与需求选择:
const winston = require('winston');
const logger = winston.createLogger({
level: 'info',
format: winston.format.json(),
transports: [
new winston.transports.File({ filename: '/var/log/node-app/error.log', level: 'error' }),
new winston.transports.File({ filename: '/var/log/node-app/combined.log' }),
new winston.transports.Console({ format: winston.format.simple() }) // 开发环境输出到控制台
]
});
const pino = require('pino')({ level: 'warn', transport: { target: 'pino-pretty' } });
pino.info('Server started on port 3000');
const log4js = require('log4js');
log4js.configure({
appenders: {
file: { type: 'file', filename: '/var/log/node-app/app.log', pattern: '-yyyy-MM-dd', keepFileExt: true },
console: { type: 'console' }
},
categories: { default: { appenders: ['file', 'console'], level: 'info' } }
});
const logger = log4js.getLogger();
使用logrotate工具自动化管理日志文件,避免单个文件占用过多磁盘空间:
sudo apt update && sudo apt install logrotate
/etc/logrotate.d/下新建nodejs文件,内容如下:/var/log/node-app/*.log {
daily # 每天轮转
rotate 7 # 保留7天日志
compress # 压缩旧日志(gzip)
delaycompress # 延迟压缩(避免压缩当天日志)
missingok # 文件不存在时不报错
notifempty # 日志为空时不轮转
create 0640 root adm # 新日志文件权限与所有者
}
sudo logrotate -d /etc/logrotate.d/nodejs # 干运行测试
sudo logrotate -f /etc/logrotate.d/nodejs # 强制立即轮转
对于生产环境,建议将日志发送至集中式系统,便于统一检索与分析:
winston-logstash库):const winston = require('winston');
const LogstashTransport = require('winston-logstash').Logstash;
const logger = winston.createLogger({
transports: [
new LogstashTransport({
port: 5000,
host: 'localhost',
node_name: 'node-app'
})
]
});
winston-graylog2库发送日志:const winston = require('winston');
const Graylog2 = require('winston-graylog2');
const logger = winston.createLogger({
transports: [
new Graylog2({
name: 'node-app',
level: 'info',
graylogHost: 'graylog.example.com',
graylogPort: 12201
})
]
});
sanitize-html)过滤密码、Token等敏感信息:const sanitizeHtml = require('sanitize-html');
const sensitiveData = { password: '123456', username: 'admin' };
const safeData = sanitizeHtml(JSON.stringify(sensitiveData), { allowedTags: [], allowedAttributes: {} });
logger.info(`User logged in: ${safeData}`);
sudo chown root:adm /var/log/node-app/*.log
sudo chmod 640 /var/log/node-app/*.log
auditd监控日志文件的访问与修改:sudo apt install auditd
sudo auditctl -w /var/log/node-app/ -p wa -k node_app_logs # 监控/var/log/node-app/目录的写/属性变更操作
Prometheus+Grafana监控日志中的关键指标(如错误率、请求延迟):
prom-client库,在Node.js应用中暴露指标:const promClient = require('prom-client');
const httpRequestDurationMicroseconds = new promClient.Histogram({
name: 'http_request_duration_ms',
help: 'Duration of HTTP requests in ms',
labelNames: ['method', 'route', 'code'],
buckets: [0.1, 5, 15, 50, 100, 200, 500]
});
Sentry或Elastic APM捕获应用错误,设置邮件/Slack告警:const Sentry = require('@sentry/node');
Sentry.init({ dsn: 'YOUR_DSN_HERE' });
process.on('uncaughtException', (err) => {
logger.error(`Uncaught Exception: ${err.stack}`);
Sentry.captureException(err);
process.exit(1);
});
tail -f /var/log/node-app/combined.log # 实时跟踪日志
grep "error" /var/log/node-app/*.log # 搜索特定关键词
sudo npm install -g pm2
pm2 start app.js --name "my-app" # 启动应用并关联PM2
pm2 logs my-app # 查看应用日志
pm2 save # 保存当前进程列表
pm2 startup # 设置PM2开机自启
通过以上步骤,可实现Debian服务器上JS日志的有效管理,覆盖从记录到监控的全生命周期,确保日志的可维护性与系统的稳定性。