1. Скомпилировать nginx с lua и добавить вывод в лог request_body, response_body и headers:
lua_need_request_body on;
set $request_headers "";
set $resp_body "";
body_filter_by_lua '
local resp_body = string.sub(ngx.arg[1], 1, 1000)
ngx.ctx.buffered = (ngx.ctx.buffered or "") .. resp_body
if ngx.arg[2] then
ngx.var.resp_body = ngx.ctx.buffered
end
local h = ngx.req.get_headers()
local request_headers = ""
for k, v in pairs(h) do
request_headers = request_headers .. k .. ":" .. v
end
ngx.ctx.buffered = (ngx.ctx.buffered or "") .. request_headers
if ngx.arg[2] then
ngx.var.request_headers = ngx.ctx.buffered
end
';
Далее определяем новый log:
log_
format bodylog '$remote_addr - $remote_user [$time_local] 'используем в access_log.
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" $request_time '
'<"$request_body"> <"$resp_body"> <"$request_headers">';
И
2. Второй способ завязан на tcpdump:
tcpdum
p -i eth0 -s 0 -A 'host x.x.x.x and tcp dst port 80 and (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)'
Выглядит примерно так:03:07:06.943965 IP x.x.x.x.YYYY > server.domain.com.http: Flags [P.], seq 495715572:495715769, ack 2181877155, win 8192, length 197: HTTP: POST /?api=key&name=value HTTP/1.1
[email protected] .1.P........P. .rl..POST /?api=key&name=value HTTP/1.1
Host: server.domain.com
User-Agent: curl/7.54.0
Accept: */*
Content-Length: 6
Content-Type: application/x-www-form-urlencoded
{json}