shell脚本分析nginx日志
178.255.215.86 - - "GET /tag/316/PostgreSQL HTTP/1.1" 200 4779 "-" "Mozilla/5.0 (compatible; Exabot/3.0 (BiggerBetter); +http://www.exabot.com/go/robot)" "-"-178.255.215.86 - - "GET /tag/317/edit HTTP/1.1" 303 5 "-" "Mozilla/5.0 (compatible; Exabot/3.0 (BiggerBetter); +http://www.exabot.com/go/robot)" "-"-
103.29.134.200 - - "GET /code-snippet/2022/edit HTTP/1.0" 303 0 "-" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/17.0 Firefox/17.0" "-"-
103.29.134.200 - - "GET /user/login?url=http%3A//outofmemory.cn/code-snippet/2022/edit HTTP/1.0" 200 4748 "-" "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/17.0 Firefox/17.0" "-"-
以下脚本都是基于上面日志格式的,如果你的日志格式不同需要调整awk后面的参数。
分析日志中的UserAgent
cat access_20130704.log | awk -F "\""'{print $(NF-3)}'| sort | uniq -c | sort -nr | head -20
上面的脚本将分析出日志文件中最多的20个UserAgent
分析日志中那些IP访问最多
cat access_20130704.log | awk '{print $1}'| sort | uniq -c | sort -nr | head -20
分析日志中每分钟请求url排序
cat access.2013-11-19.log| awk '{arr[$4]++} END{for(a in arr) print a, arr}' | sort >111
分析日志中那些Url请求访问次数最多
cat access_20130704.log | awk -F "\""'{print $(NF-5)}'| sort | uniq -c | sort -nr | head -20
页:
[1]