Linux Apache/Nginx 日誌統計命令
阿新 • • 發佈:2021-11-01
本人在Linux運維中收集的一些通用的統計,Apache/Nginx伺服器日誌的命令組合。
Apache日誌統計:
# 列出當天訪問次數最多的IP命令 [[email protected] httpd]# cut -d- -f 1 access_log | uniq -c | sort -rn | head -20 # 檢視當天有多少個IP訪問 [[email protected] httpd]# awk '{print $1}' access_log | sort | uniq | wc -l # 檢視某一個頁面總計被訪問的次數 [[email protected] httpd]# cat access_log | grep "index.php" | wc -l # 檢視每一個IP訪問了多少個頁面 [[email protected] httpd]# awk '{++S[$1]} END {for (a in S) print a,S[a]}' access_log # 將每個IP訪問的頁面數進行從小到大排序 [[email protected] httpd]# awk '{++S[$1]} END {for (a in S) print S[a],a}' access_log | sort -n # 檢視某一個IP訪問了哪些頁面 [[email protected] httpd]# grep "^192.168.1.2" access_log | awk '{print $1,$7}' # 去掉搜尋引擎統計當天的頁面 [[email protected] httpd]# awk '{print $12,$1}' access_log | grep ^"Mozilla" | awk '{print $2}' |sort | uniq | wc -l # 檢視21/Nov/2019:03:40:26這一個小時內有多少IP訪問 [[email protected] httpd]# awk '{print $4,$1}' access_log | grep "21/Nov/2019:03:40:26" | awk '{print $2}'| sort | uniq | wc -l
Nginx 日誌統計:
# 列出所有的IP訪問情況 [[email protected] httpd]# awk '{print $1}' access_log | sort -n | uniq # 檢視訪問最頻繁的前100個IP [[email protected] httpd]# awk '{print $1}' access_log | sort -n | uniq -c | sort -rn | head -n 100 # 檢視訪問100次以上的IP [[email protected] httpd]# awk '{print $1}' access_log | sort -n | uniq -c | awk '{if($1 >100) print $0}' | sort -rn # 查詢某個IP的詳細訪問情況,按訪問頻率排序 [[email protected] httpd]# grep '192.168.1.2' access_log | awk '{print $7}' | sort | uniq -c | sort -rn | head -n 100 # 頁面訪問統計:檢視訪問最頻繁的前100個頁面 [[email protected] httpd]# awk '{print $7}' access_log | sort | uniq -c | sort -rn | head -n 100 # 頁面訪問統計:檢視訪問最頻繁的前100個頁面(排除php|py) [[email protected] httpd]# grep -E -v ".php|.py" access_log | awk '{print $7}' | sort |uniq -c | sort -rn | head -n 100 # 頁面訪問統計:檢視頁面訪問次數超過100次的頁面 [[email protected] httpd]# cat access_log | cut -d ' ' -f 7 | sort |uniq -c | awk '{if ($1 > 100) print$0}' # 頁面訪問統計:檢視最近1000條記錄中,訪問量最高的頁面 [[email protected] httpd]# tail -1000 access_log | awk '{print $7}' | sort | uniq -c | sort -nr # 每秒請求量統計:統計每秒的請求數前100的時間點(精確到秒) [[email protected] httpd]# awk '{print $4}' access_log | cut -c14-21 | sort | uniq -c | sort -nr | head -n 100 # 每分鐘請求量統計 11、統計每分鐘的請求數,top100的時間點(精確到分鐘) [[email protected] httpd]# awk '{print $4}' access_log | cut -c14-18 | sort | uniq -c | sort -nr | head -n 100 # 每小時請求量統計 12、統計每小時的請求數,top100的時間點(精確到小時) [[email protected] httpd]# awk '{print $4}' access_log | cut -c14-15 | sort | uniq -c | sort -nr | head -n 100
統計Web服務狀態:
# 統計網站爬蟲 [[email protected] httpd]# grep -E 'Googlebot|Baiduspider' access_log | awk '{ print $1 }' | sort | uniq # 統計網站中瀏覽器的訪問情況 [[email protected] httpd]# cat access_log | grep -v -E 'MSIE|Firefox|Chrome|Opera|Safari|Gecko|Maxthon' | sort | uniq -c | sort -r -n | head -n 100 # 統計網段分佈情況 [[email protected] httpd]# cat access_log | awk '{print $1}' | awk -F'.' '{print $1"."$2"."$3".0"}' | sort | uniq -c | sort -r -n | head -n 200 # 統計來訪域名 [[email protected] httpd]# cat access_log | awk '{print $2}' | sort | uniq -c | sort -rn | more # 統計HTTP狀態 [[email protected] httpd]# cat access_log | awk '{print $9}' | sort | uniq -c | sort -rn | more # URL訪問次數統計 [[email protected] httpd]# cat access_log | awk '{print $7}' | sort | uniq -c | sort -rn | more # URL訪問流量統計 [[email protected] httpd]# cat access_log | awk '{print $7}' | egrep '?|&' | sort | uniq -c | sort -rn | more # 檔案流量統計 [[email protected] httpd]# cat access_log | awk '{sum[$7]+=$10}END{for(i in sum){print sum[i],i}}' | \ sort -rn | more | grep '200' access_log | \ awk '{sum[$7]+=$10}END{for(i in sum){print sum[i],i}}' | sort -rn | more
其他統計組合:
# 列出當天訪問次數最多的IP命令
[[email protected] httpd]# cut -d- -f 1 access_log | uniq -c | sort -rn | head -20
# 檢視當天有多少個IP訪問
[[email protected] httpd]# awk '{print $1}' access_log | sort | uniq | wc -l
# 檢視某一個頁面總計被訪問的次數
[[email protected] httpd]# cat access_log | grep "index.php" | wc -l
# 檢視每一個IP訪問了多少個頁面
[[email protected] httpd]# awk '{++S[$1]} END {for (a in S) print a,S[a]}' access_log
# 將每個IP訪問的頁面數進行從小到大排序
[[email protected] httpd]# awk '{++S[$1]} END {for (a in S) print S[a],a}' access_log | sort -n
# 檢視某一個IP訪問了哪些頁面
[[email protected] httpd]# grep "^192.168.1.2" access_log | awk '{print $1,$7}'
# 去掉搜尋引擎統計當天的頁面
[[email protected] httpd]# awk '{print $12,$1}' access_log | grep ^"Mozilla" | awk '{print $2}' |sort | uniq | wc -l
# 檢視21/Nov/2019:03:40:26這一個小時內有多少IP訪問
[[email protected] httpd]# awk '{print $4,$1}' access_log | grep "21/Nov/2019:03:40:26" | awk '{print $2}'| sort | uniq | wc -l
Nginx日誌統計:
# 列出所有的IP訪問情況
[[email protected] httpd]# awk '{print $1}' access_log | sort -n | uniq
# 檢視訪問最頻繁的前100個IP
[[email protected] httpd]# awk '{print $1}' access_log | sort -n | uniq -c | sort -rn | head -n 100
# 檢視訪問100次以上的IP
[[email protected] httpd]# awk '{print $1}' access_log | sort -n | uniq -c | awk '{if($1 >100) print $0}' | sort -rn
# 查詢某個IP的詳細訪問情況,按訪問頻率排序
[[email protected] httpd]# grep '192.168.1.2' access_log | awk '{print $7}' | sort | uniq -c | sort -rn | head -n 100
# 頁面訪問統計:檢視訪問最頻繁的前100個頁面
[[email protected] httpd]# awk '{print $7}' access_log | sort | uniq -c | sort -rn | head -n 100
# 頁面訪問統計:檢視訪問最頻繁的前100個頁面(排除php|py)
[[email protected] httpd]# grep -E -v ".php|.py" access_log | awk '{print $7}' | sort |uniq -c | sort -rn | head -n 100
# 頁面訪問統計:檢視頁面訪問次數超過100次的頁面
[[email protected] httpd]# cat access_log | cut -d ' ' -f 7 | sort |uniq -c | awk '{if ($1 > 100) print$0}'
# 頁面訪問統計:檢視最近1000條記錄中,訪問量最高的頁面
[[email protected] httpd]# tail -1000 access_log | awk '{print $7}' | sort | uniq -c | sort -nr
# 每秒請求量統計:統計每秒的請求數前100的時間點(精確到秒)
[[email protected] httpd]# awk '{print $4}' access_log | cut -c14-21 | sort | uniq -c | sort -nr | head -n 100
# 每分鐘請求量統計 11、統計每分鐘的請求數,top100的時間點(精確到分鐘)
[[email protected] httpd]# awk '{print $4}' access_log | cut -c14-18 | sort | uniq -c | sort -nr | head -n 100
# 每小時請求量統計 12、統計每小時的請求數,top100的時間點(精確到小時)
[[email protected] httpd]# awk '{print $4}' access_log | cut -c14-15 | sort | uniq -c | sort -nr | head -n 100
統計其他頁面資料:
# 統計網站爬蟲
[[email protected] httpd]# grep -E 'Googlebot|Baiduspider' access_log | awk '{ print $1 }' | sort | uniq
# 統計網站中瀏覽器的訪問情況
[[email protected] httpd]# cat access_log | grep -v -E 'MSIE|Firefox|Chrome|Opera|Safari|Gecko|Maxthon' | sort | uniq -c | sort -r -n | head -n 100
# 統計網段分佈情況
[[email protected] httpd]# cat access_log | awk '{print $1}' | awk -F'.' '{print $1"."$2"."$3".0"}' | sort | uniq -c | sort -r -n | head -n 200
# 統計來訪域名
[[email protected] httpd]# cat access_log | awk '{print $2}' | sort | uniq -c | sort -rn | more
# 統計HTTP狀態
[[email protected] httpd]# cat access_log | awk '{print $9}' | sort | uniq -c | sort -rn | more
# URL訪問次數統計
[[email protected] httpd]# cat access_log | awk '{print $7}' | sort | uniq -c | sort -rn | more
# URL訪問流量統計
[[email protected] httpd]# cat access_log | awk '{print $7}' | egrep '?|&' | sort | uniq -c | sort -rn | more
# 檔案流量統計
[[email protected] httpd]# cat access_log | awk '{sum[$7]+=$10}END{for(i in sum){print sum[i],i}}' | \
sort -rn | more | grep '200' access_log | \
awk '{sum[$7]+=$10}END{for(i in sum){print sum[i],i}}' | sort -rn | more
次數統計:
檢視某一個頁面被訪問的次數
[[email protected] httpd]# grep "/index.php" log_file | wc -l
檢視每一個IP訪問了多少個頁面
[[email protected] httpd]# awk '{++S[$1]} END {for (a in S) print a,S[a]}' log_file
將每個IP訪問的頁面數進行從小到大排序
[[email protected] httpd]# awk '{++S[$1]} END {for (a in S) print S[a],a}' log_file | sort -n
檢視某一個IP訪問了哪些頁面
[[email protected] httpd]# grep ^111.111.111.111 log_file| awk '{print $1,$7}'
去掉搜尋引擎統計當天的頁面
[[email protected] httpd]# awk '{print $12,$1}' log_file | grep ^"Mozilla | awk '{print $2}' |sort | uniq | wc -l
檢視2018年6月21日14時這一個小時內有多少IP訪問
[[email protected] httpd]# awk '{print $4,$1}' log_file | grep 21/Jun/2018:14 | awk '{print $2}'| sort | uniq | wc -l
統計爬蟲
[[email protected] httpd]# grep -E 'Googlebot|Baiduspider' /www/logs/access.2019-02-23.log | awk '{ print $1 }' | sort | uniq
統計瀏覽器
[[email protected] httpd]# cat /www/logs/access.2019-02-23.log | grep -v -E 'MSIE|Firefox|Chrome|Opera|Safari|Gecko|Maxthon' | sort | uniq -c | sort -r -n | head -n 100
IP 統計
[[email protected] httpd]# grep '23/May/2019' /www/logs/access.2019-02-23.log | awk '{print $1}' | awk -F'.' '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -r -n | head -n 10 2206 219.136.134.13 1497 182.34.15.248 1431 211.140.143.100 1431 119.145.149.106 1427 61.183.15.179 1427 218.6.8.189 1422 124.232.150.171 1421 106.187.47.224 1420 61.160.220.252 1418 114.80.201.18
統計網段
[[email protected] httpd]# cat /www/logs/access.2019-02-23.log | awk '{print $1}' | awk -F'.' '{print $1"."$2"."$3".0"}' | sort | uniq -c | sort -r -n | head -n 200
統計域名
[[email protected] httpd]# cat /www/logs/access.2019-02-23.log |awk '{print $2}'|sort|uniq -c|sort -rn|more
HTTP狀態
[[email protected] httpd]# cat /www/logs/access.2019-02-23.log |awk '{print $9}'|sort|uniq -c|sort -rn|more5056585 3041125579 200 7602 400 5 301
URL 統計
[[email protected] httpd]# cat /www/logs/access.2019-02-23.log |awk '{print $7}'|sort|uniq -c|sort -rn|more
檔案流量統計
[[email protected] httpd]# cat /www/logs/access.2019-02-23.log |awk '{sum[$7]+=$10}END{for(i in sum){print sum[i],i}}'|sort -rn|moregrep ' 200 ' /www/logs/access.2019-02-23.log |awk '{sum[$7]+=$10}END{for(i in sum){print sum[i],i}}'|sort -rn|more
URL訪問量統計
[[email protected] httpd]# cat /www/logs/access.2019-02-23.log | awk '{print $7}' | egrep '?|&' | sort | uniq -c | sort -rn | more
查出執行速度最慢的指令碼
[[email protected] httpd]# grep -v 0$ /www/logs/access.2019-02-23.log | awk -F '" ' '{print $4" " $1}' web.log | awk '{print $1" "$8}' | sort -n -k 1 -r | uniq > /tmp/slow_url.txt
IP, URL 抽取
[[email protected] httpd]# tail -f /www/logs/access.2019-02-23.log | grep '/test.html' | awk '{print $1" "$7}'
版權宣告: 本部落格,文章與程式碼均為學習時整理的筆記,部落格中除去明確標註有參考文獻的文章,其他文章【均為原創】作品,轉載請務必【添加出處】,您添加出處是我創作的動力!
博主警告:如果您惡意轉載本人文章,則您的整站文章,將會變為我的原創作品,請相互尊重!