nginx日志分析脚本:
| 代码如下 |
复制代码 |
|
vi /mnt/logs/checklog.sh
#!/bin/bash
echo -e "####################`date +%F`" >> /mnt/logs/400.txt
echo -e "####################`date +%F`" >> /mnt/logs/URL.txt
echo -e "####################`date +%F`" >> /mnt/logs/IP.txt
cat $1 | wc -l >> /mnt/logs/IP.txt #分析IP
cat $1 | awk -F'"' '{print $3}' | awk '{print $1}' | sort | uniq -c| sort -rn > /mnt/logs/CODE.txt #分析返回值
cat $1 | awk '{print $1}' | sort | uniq -c| sort -rn | head -n20 >> /mnt/logs/IP.txt
N=`cat /mnt/logs/CODE.txt | wc -l`
for I in $(seq 1 $N)
do
M=`head -n$I /mnt/logs/CODE.txt | tail -n1 | awk '{print $2}'`
if [ $M -ge 400 ]
then
echo "#####FIND $M###############">>/mnt/logs/400.txt #分析错误请求
cat $1 | grep "" $M " | grep -v ' "-" "-" - ' | sort | awk '{print $1 $2 $3 $6 $7 $8 $9 $10 $11 $12 $13 $14 $15 $16 $17 $18 $19 $20 $21}' | sort | uniq -c | sort -rn | head -n5 >> /mnt/logs/400.txt
fi
done
cat $1 | grep -v ' "-" "-" - ' | awk -F'T' '{print $2}' | awk -F'?' '{print $1}' | sort |awk '{print $1}' | sed 's/(/review/file/download/).*/1/g' | sort | uniq -c | sort -rn | head -n20 >> /mnt/logs/URL.txt
|
有时我希望实时的监控并分析日志怎么办,我们可参考下面的日志分析脚本。
1.查看nginx的进程数
| 代码如下 |
复制代码 |
# ps -aux|grep nginx|wc -l
|
2、分析日志查看当天的ip连接数
| 代码如下 |
复制代码 |
# grep "23/Apr/2011" logs/www.thinkwap.access.log|wc -l
|
3.查看指定的ip在当天究竟访问了什么url
| 代码如下 |
复制代码 |
# grep "23/Apr/2011" logs/www.thinkwap.log|grep "69.248.213.128"|awk '{print $9}'
|
4.查看当天访问排行前10的url
| 代码如下 |
复制代码 |
# grep "23/Apr/2011" logs/www.thinkwap.log|awk '{print $9}'|sort |uniq -c |sort -nr |head -n 10
|
5、查看访问次数最多时间以小时为单位(热点)
| 代码如下 |
复制代码 |
| # grep "24/Apr/2011" logs/www.thinkwap.log|awk '{print $6}'|cut -c14-15|sort |uniq -c |sort -nr|head |
