Skip to content
/ nginx-logresolver Public

Real-time Nginx log enhancer that dns resolves IPs to hostnames and optionally colorizes output using grc.

License

GPL-3.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

spithash/nginx-logresolver

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
nginx_logresolver.sh
nginx_logresolver.sh
 
 

Repository files navigation

Nginx Log DNS Resolver

nginx-logresolver is a Bash script that processes Nginx log files and resolves IP addresses to hostnames. It improves the readability of your logs by replacing IP addresses with their corresponding hostnames. The script uses a cache to avoid repeated DNS lookups, ensuring efficient performance, and supports optional colorized output for better readability.

Why?

By default, Nginx logs contain raw IP addresses instead of hostnames. This is intentional: resolving hostnames requires DNS lookups, which are relatively slow and can degrade performance under high traffic.

However, hostnames can be helpful for:

  • Identifying traffic from known domains or bots
  • Spotting patterns in abuse or suspicious activity
  • Debugging or auditing logs in real time with more context

This script bridges the gap by resolving IPs after logs are written, without modifying Nginx's configuration or performance. It works in real time, uses a smart caching mechanism, and optionally outputs colorized logs.

Features

  • Resolves IP addresses to hostnames in real time as logs are written.
  • Caches hostname lookups for 5 hours to reduce repeated DNS queries.
  • Processes multiple log files simultaneously.
  • Supports grc (Generic Colourizer) for optional color output via a -c flag.
  • Lightweight and dependency-minimal Bash script.

Requirements

  • bash
  • getent for hostname resolution
  • grc (optional, for colored output)
  • tail
  • Access to your Nginx logs (default: /var/log/nginx/access.log — update as needed)

Installation

git clone https://github.com/spithash/nginx-logresolver.git
cd nginx-logresolver
chmod +x nginx-logresolver.sh

Usage

Basic usage:

./nginx-logresolver.sh

With colorized output (requires grc):

./nginx-logresolver.sh -c

What It Does

  • Tails logs in real time: Monitors /var/log/nginx/access.log.
  • Resolves IPs to Hostnames: Converts IP addresses in the log lines to their corresponding hostnames using getent.
  • Caches Results: Saves hostname lookups in /tmp/ip_cache.txt and reuses them for up to 5 hours to reduce DNS lookups.
  • Adds Color to Logs: If -c is specified and grc is installed, log output will be colorized using the apache config, making it easier to read.

Example Output

host.example.com - - [07/May/2025:10:42:31 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"

About

Real-time Nginx log enhancer that dns resolves IPs to hostnames and optionally colorizes output using grc.

Topics

nginx logs sysadmin bash-script log-parser

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages