赞
踩
1. access_log日志文件在/etc/httpd/logs目录下
cd /etc/httpd/logs
2.查看access_log日志文件
- cat access_log
- # 内容如下:
- ..........
- 192.168.178.1 - - [04/Feb/2023:10:29:09 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
- 192.168.178.1 - - [04/Feb/2023:10:29:10 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
- 192.168.178.1 - - [04/Feb/2023:10:29:10 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
- 192.168.178.1 - - [04/Feb/2023:10:29:11 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
- 192.168.178.1 - - [04/Feb/2023:10:29:11 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
- 192.168.178.1 - - [04/Feb/2023:10:29:11 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
- 192.168.178.1 - - [04/Feb/2023:10:29:11 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
- 192.168.178.1 - - [04/Feb/2023:10:29:11 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
- 192.168.178.1 - - [04/Feb/2023:10:29:56 +0800] "-" 408 - "-" "-"
- 192.168.178.151 - - [04/Feb/2023:10:43:40 +0800] "GET / HTTP/1.1" 200 20 "-" "curl/7.61.1"
- 192.168.178.151 - - [04/Feb/2023:10:43:43 +0800] "GET / HTTP/1.1" 200 20 "-" "curl/7.61.1"
- 192.168.178.151 - - [04/Feb/2023:10:43:46 +0800] "GET / HTTP/1.1" 200 20 "-" "curl/7.61.1"
3.awk获取访问前10位的ip地址
- awk '{nums[$1]+=1;} END{for(i in nums){print nums[i],i}}' access_log | sort | tail
-
- # {nums[$1]+=1} 将第一列的值作为数组的下标,数组的内容存储IP地址出现的次数
- # END{for(i in nums){print nums[i],i}} END在主代码块和数据读取之后执行,循环数组的下标,输出数组的值和下标
- # sort 排序
- # tail 输出内容的前10行
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。