目的:
运用shell写一个脚本来分析apache日志。按照访问apache的IP地址最多的IP进行排序,并统计最多的10个IP的访问次数。
第一个方法:
[root@trffic root]# du -h /data/logs/db440/colorme-access_log.20060824
637M /data/logs/db440/colorme-access_log.20060824
[root@trffic root]# time ./filter.sh /data/logs/db440/colorme-access_log.20060824
1 11000 222.191.76.41
2 7882 222.84.8.206
3 6144 60.25.70.41
4 4546 61.54.148.199
5 4194 218.65.239.74
6 3968 218.247.53.164
7 3026 59.37.115.121
8 2878 218.22.141.6
9 2792 219.154.230.18
10 2676 220.198.68.132
real 0m35.587s
user 0m18.130s
sys 0m1.620s
[root@trffic root]#cat filter.sh(内容请详见以下链接)
#!/bin/sh
# Author: jackylau
USAGE="Usage: $0 /path/to/filename"
if [ $# -ne 1 ];then
echo $USAGE
exit
fi
if [ ! -d /tmp/temp ];then
mkdir /tmp/temp
fi
awk '{print $1}' $1>/tmp/temp/address
cat /tmp/temp/address|sort|uniq -c|sort -nr|head|awk '{print NR"\t",$1"\t",$2}'
rm -rf /tmp/temp
第二种方法:
一个小时也没统计出来
[root@trffic root]#cat filter2.sh(内容请详见以下链接)
#!/bin/sh
# Author: jackylau
USAGE="Usage: $0 /path/to/filename"
if [ $# -ne 1 ];then
echo $USAGE
exit
fi
if [ ! -d /tmp/temp ];then
mkdir /tmp/temp
fi
awk '{print $1}' $1 >/tmp/temp/address
Count=`cat /tmp/temp/address|sort|uniq|wc -l`
for (( i=0; i<="$Count"; i++ ))
do
for IP in `head -n 1 /tmp/temp/address`
do
echo "$IP `awk '{print $1}' $1|grep -c $IP`" >>/tmp/temp/after_address
echo "wq"|ex -c "g/$IP/d" /tmp/temp/address
done
done
cat /tmp/temp/after_address|sort -n -r +1|head
rm -rf /tmp/temp
阅读(550) | 评论(0) | 转发(0) |
