1嵌牺、總請(qǐng)求數(shù)
wc -l access.log |awk '{print $1}'
2打洼、獨(dú)立IP數(shù)
awk '{print $1}' access.log|sort |uniq |wc -l
3龄糊、每秒客戶端請(qǐng)求數(shù) TOP5
awk -F'[ []' '{print $5}' access.log|sort|uniq -c|sort -rn|head -5
4、訪問(wèn)最頻繁IP Top5
awk '{print $1}' access.log|sort |uniq -c | sort -rn |head -5
5募疮、訪問(wèn)最頻繁的URL TOP5
awk '{print $7}' access.log|sort |uniq -c | sort -rn |head -5
6炫惩、響應(yīng)大于10秒的URL TOP5
awk '{if ($12 > 10){print $7}}' access.log|sort|uniq -c|sort -rn |head -5
7、HTTP狀態(tài)碼(非200)統(tǒng)計(jì) Top5
awk '{if ($13 != 200){print $13}}' access.log|sort|uniq -c|sort -rn|head -5
8阿浓、分析請(qǐng)求數(shù)大于50000的源IP的行為
awk '{print $1}' access.log|sort |uniq -c |sort -rn|awk '{if ($1 > 50000){print $2}}' > tmp.txt
for i in $(cat tmp.txt)
do
echo $i >> analysis.txt
echo "訪問(wèn)行為統(tǒng)計(jì)" >> analysis.txt
grep $i access.log|awk '{print $6}' |sort |uniq -c | sort -rn |head -5 >> analysis.txt
echo "訪問(wèn)接口統(tǒng)計(jì)" >> analysis.txt
grep $i access.log|awk '{print $7}' |sort |uniq -c | sort -rn |head -5 >> analysis.txt
echo -e "\n" >> /root/analysis/$Ydate.txt
done