From 74c5e0d3880bc00a947a12ba5a3ede6c0703555d Mon Sep 17 00:00:00 2001
From: pdiogoantunes
Date: Thu, 13 Apr 2017 11:30:57 +0200
Subject: [PATCH] access.log
---
 TipsShell.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/TipsShell.md b/TipsShell.md
index 5ad8e6c2..24835af9 100644
--- a/TipsShell.md
+++ b/TipsShell.md
@@ -235,22 +235,22 @@ tr '\n' ' ' | cut -d':' -f2 | echo -n "$(cat <&0)"; echo = $(groups $user); done
 ### Compte rendu pour un laps de temps
-~~~
-# date; (timeout 60 tail -f /var/log/apache2/access.log | cut -d' ' -f1) | sort | uniq -c | sort -n
+~~~{.bash}
+$ date; (timeout 60 tail -f access.log | cut -d' ' -f1) | sort | uniq -c | sort -n
 ~~~
 ### En direct
 - Version simple :
-~~~
-# tail -f /var/log/apache2/access.log | stdbuf -oL cut -d ' ' -f1 | uniq -c
+~~~{.bash}
+$ tail -f access.log | stdbuf -oL cut -d ' ' -f1 | uniq -c
 ~~~
 - Version couleur :
-~~~
-# SEUIL=5; tail -f /var/log/apache2/access.log | stdbuf -oL cut -d ' ' -f1 | stdbuf -oL uniq -c | \
+~~~{.bash}
+$ SEUIL=5; tail -f access.log | stdbuf -oL cut -d ' ' -f1 | stdbuf -oL uniq -c | \
 eval "awk '\$1 > $SEUIL {printf \"\\033[1;31m\" \$1 \" \" \$2 \"\\033[0m \\n\"; next;};{printf \$1 \" \" \$2 \"\\n\";}'"
 ~~~
@@ -269,7 +269,7 @@ Si on veut les adresses IPs, ou simplement trier le access.log avant l'analyse,
 Et si l'on considère les mots comme une seule différence (et non par caractères), on peut descendre le seuil :
 ~~~{.bash}
-SEUIL=3; i=1; lastline=; cat /var/log/nginx/access.log | sed 's/.*\] \(.*\)\" [0-9]\{3\}.*$/\1\"/' | \
+SEUIL=3; i=1; lastline=; cat access.log | sed 's/.*\] \(.*\)\" [0-9]\{3\}.*$/\1\"/' | \
 (while read line; do diff=$(cmp -bl <(echo "$lastline") <(echo "$line") 2>/dev/null | awk '{print $1}' | \
 (compt=0; lastnumber=0; while read number; do (( lastnumber+1 != number)) && ((compt=compt+1)); lastnumber=$number; done; echo $compt)); \
 (( diff < SEUIL )) && { i=$((i+1)); } || { echo "$i $line"; i=1; }; lastline="$line"; done)