三、常用日志分析命令
1、总请求数
|
1
|
wc -l access.log |awk '{print $1}' |
2、独立IP数
|
1
|
awk '{print $1}' access.log|sort |uniq |wc -l |
3、每秒客户端请求数 TOP5
|
1
|
awk -F'[ []' '{print $5}' access.log|sort|uniq -c|sort -rn|head -5 |
4、访问最频繁IP Top5
|
1
|
awk '{print $1}' access.log|sort |uniq -c | sort -rn |head -5 |
5、访问最频繁的URL TOP5
|
1
|
awk '{print $7}' access.log|sort |uniq -c | sort -rn |head -5 |
6、响应大于10秒的URL TOP5
|
1
|
awk '{if ($12 > 10){print $7}}' access.log|sort|uniq -c|sort -rn |head -5 |
7、HTTP状态码(非200)统计 Top5
|
1
|
awk '{if ($13 != 200){print $13}}' access.log|sort|uniq -c|sort -rn|head -5 |
8、分析请求数大于50000的源IP的行为
|
1
2
3
4
5
6
7
8
9
10
|
awk '{print $1}' access.log|sort |uniq -c |sort -rn|awk '{if ($1 > 50000){print $2}}' > tmp.txtfor i in $(cat tmp.txt)do echo $i >> analysis.txt echo "访问行为统计" >> analysis.txt grep $i access.log|awk '{print $6}' |sort |uniq -c | sort -rn |head -5 >> analysis.txt echo "访问接口统计" >> analysis.txt grep $i access.log|awk '{print $7}' |sort |uniq -c | sort -rn |head -5 >> analysis.txt echo -e "\n" >> /root/analysis/$Ydate.txtdone |
