search

allinurl / goaccess

GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
https://goaccess.io
MIT License
18.6k stars 1.11k forks source link

Custom log specifier for geolocation country code #1089

Open quietmint opened 6 years ago

quietmint commented 6 years ago

Instead of relying on some external IP geolocation database, I'd like to use geolocation data that's already present in my log files. I'm using Cloudflare, which performs IP geolocation and adds the header CF-IPCountry to all incoming requests. I've added the token %{CF-IPCountry}i to my Apache log format string, so each line already records the ISO 2-character country code.

allinurl commented 6 years ago

I can add this option for sure. However, if you need a quick workaround and if you are not using the virtualhost panel or the authenticated user panel, you can simply place the ISO 2-char country code in one of those panels. e.g.,

127.0.0.1 - - [18/Apr/2018:20:04:10 -0500] "GET /dists/jessie/main/i18n/Translation-en HTTP/1.1" 404 181 "-" "Debian APT-HTTP/1.3 (1.0.9.8.4)" US

use

--log-format='%h %^[%d:%t %^] "%r" %s %b "%R" "%u" %v'
backface commented 3 years ago

I second this as well. I have country codes already in logs I get from a CDN provider. I also see the scenario (and also have it somewhere) of having nginx log files with an enabled GeoIP module. So I guess it might be a useful option to be able to directly read geo information from the log file instead of looking it up again (Yes I put it under Virtual Hosts for now...)

daviddean99 commented 3 years ago

Another vote for this feature, please! 🙏

I have added Cloudlare's CF-IPCountry header to my Nginx logs as a new column and the ISO 2-char country code is being correctly logged for each request.

It would be fantastic if GoAccess could use this for GeoIP.