scenario:os:freebsd,三台机器组成一个集群,165为virtual ip,它的realserver分别为166、167、181,这三台机器用nload em0查看时outgoing 有35M----40M,我们一个机柜交换机流量也就90M左右吧,交换机吃不消的,尽管我们机器上有2500个网站左右!正常情况下也就10M-20M左右吧! 有网站在恶意占用资源!
查找过程: tail -n 1000 /usr/local/logcenter/apache.log | awk '{print $1}' | sort | uniq -c | sort -n | tail -n 20 ##显然我的apache日志文件为apache.log
最后一个为访问量最多的网站! 这里仅仅是一个参考! 就算是访问量最大,也不能作为证据!
例如:访问量最多的为
由于cat /usr/local/logcenter/apache.log| grep >.log发现这个网站一直在下载一个1.mp3文件,去查看发现这个mp3大小8.6M 见附件将该网站关掉即可(就是不让apache加载它)
如下:
*********121.14.222.155 - - [08/Apr/2011:02:37:50 +0800] "GET /3.mp3 HTTP/1.1" 206 0
121.11.171.249 - - [08/Apr/2011:02:37:22 +0800] "GET /1.mp3 HTTP/1.1" 200 29
58.16.196.238 - - [08/Apr/2011:02:37:00 +0800] "GET /1.mp3 HTTP/1.1" 200 58
221.229.89.26 - - [08/Apr/2011:02:37:15 +0800] "GET /1.mp3 HTTP/1.1" 200 47
222.92.149.54 - - [08/Apr/2011:02:37:55 +0800] "GET /1.mp3 HTTP/1.1" 200 24
222.88.33.42 - - [08/Apr/2011:02:38:40 +0800] "GET /1.mp3 HTTP/1.1" 200 4
42.48.37.198 - - [08/Apr/2011:02:38:36 +0800] "GET /1.mp3 HTTP/1.1" 200 18
222.87.218.235 - - [08/Apr/2011:02:39:11 +0800] "GET /1.mp3 HTTP/1.1" 304 0
87.217.204.40 - - [08/Apr/2011:02:39:05 +0800] "GET /3.mp3 HTTP/1.1" 200 41
219.159.198.34 - - [08/Apr/2011:02:39:00 +0800] "GET /1.mp3 HTTP/1.1" 200 50
124.207.228.50 - - [08/Apr/2011:02:39:57 +0800] "GET /topflash.js HTTP/1.1" 200 0
然后nload em0测试,发现网络流量都下来了,到正常的水平了! 10M------15M了!留为笔记!
阅读(1437) | 评论(0) | 转发(0) |