IP相关统计
统计IP访问量
awk <span class="hljs-string">'{print $1}'</span> access.<span class="hljs-keyword">log</span> | <span class="hljs-keyword">sort</span> -n | uni<span class="hljs-string">q | wc -l</span>查看某一时间段的IP访问量(4-5点)
<span class="hljs-keyword">grep</span> <span class="hljs-string">"07/Apr/2017:0[4-5]"</span> access.<span class="hljs-keyword">log</span> | awk <span class="hljs-string">'{print $1}'</span> | <span class="hljs-keyword">sort</span> | uniq -c| <span class="hljs-keyword">sort</span> -nr | wc -l 查看访问最频繁的前100个IP
awk '{<span class="hljs-built_in">print</span> $<span class="hljs-number">1</span>}' access.log | <span class="hljs-built_in">sort</span> -n |uniq -<span class="hljs-built_in">c</span> | <span class="hljs-built_in">sort</span> -rn | head -n <span class="hljs-number">100</span>查看访问100次以上的IP
awk '{<span class="hljs-built_in">print</span> $<span class="hljs-number">1</span>}' access.log | <span class="hljs-built_in">sort</span> -n |uniq -<span class="hljs-built_in">c</span> |awk '{<span class="hljs-keyword">if</span>($<span class="hljs-number">1</span> ><span class="hljs-number">100</span>) <span class="hljs-built_in">print</span> $<span class="hljs-number">0</span>}'|<span class="hljs-built_in">sort</span> -rn查询某个IP的详细访问情况,按访问频率排序
<span class="hljs-keyword">grep</span> <span class="hljs-string">'104.217.108.66'</span> access.<span class="hljs-keyword">log</span> |awk <span class="hljs-string">'{print $7}'</span>|<span class="hljs-keyword">sort</span> |uniq -c |<span class="hljs-keyword">sort</span> -rn |head -n <span class="hljs-number">100</span> 页面访问统计
查看访问最频的页面(TOP100)
awk '{<span class="hljs-built_in">print</span> $<span class="hljs-number">7</span>}' access.log | <span class="hljs-built_in">sort</span> |uniq -<span class="hljs-built_in">c</span> | <span class="hljs-built_in">sort</span> -rn | head -n <span class="hljs-number">100</span>查看访问最频的页面([排除php页面】(TOP100)
<span class="hljs-keyword">grep</span> -v <span class="hljs-string">".php"</span> access.<span class="hljs-keyword">log</span> | awk <span class="hljs-string">'{print $7}'</span> | <span class="hljs-keyword">sort</span> |uniq -c | <span class="hljs-keyword">sort</span> -rn | head -n <span class="hljs-number">100</span> 查看页面访问次数超过100次的页面
<span class="hljs-attribute">cat</span> access.log | cut -d <span class="hljs-string">' '</span> -f <span class="hljs-number">7</span> | sort |uniq -c | awk <span class="hljs-string">'{if (<span class="hljs-variable">$1</span> > 100) print <span class="hljs-variable">$0</span>}'</span> | less查看最近1000条记录,访问量最高的页面
tail -<span class="hljs-number">1000</span> access.log |awk '{<span class="hljs-built_in">print</span> $<span class="hljs-number">7</span>}'|<span class="hljs-built_in">sort</span>|uniq -<span class="hljs-built_in">c</span>|<span class="hljs-built_in">sort</span> -nr|less每秒请求量统计
统计每秒的请求数,top100的时间点(精确到秒)
awk '{<span class="hljs-built_in">print</span> $<span class="hljs-number">4</span>}' access.log |cut -<span class="hljs-built_in">c</span> <span class="hljs-number">14</span>-<span class="hljs-number">21</span>|<span class="hljs-built_in">sort</span>|uniq -<span class="hljs-built_in">c</span>|<span class="hljs-built_in">sort</span> -nr|head -n <span class="hljs-number">100</span>每分钟请求量统计
统计每分钟的请求数,top100的时间点(精确到分钟)
awk '{<span class="hljs-built_in">print</span> $<span class="hljs-number">4</span>}' access.log |cut -<span class="hljs-built_in">c</span> <span class="hljs-number">14</span>-<span class="hljs-number">18</span>|<span class="hljs-built_in">sort</span>|uniq -<span class="hljs-built_in">c</span>|<span class="hljs-built_in">sort</span> -nr|head -n <span class="hljs-number">100</span>每小时请求量统计
统计每小时的请求数,top100的时间点(精确到小时)
awk '{<span class="hljs-built_in">print</span> $<span class="hljs-number">4</span>}' access.log |cut -<span class="hljs-built_in">c</span> <span class="hljs-number">14</span>-<span class="hljs-number">15</span>|<span class="hljs-built_in">sort</span>|uniq -<span class="hljs-built_in">c</span>|<span class="hljs-built_in">sort</span> -nr|head -n <span class="hljs-number">100</span>性能分析
在nginx log中最后一个字段加入$request_time
列出传输时间超过 3 秒的页面,显示前20条
cat access.log|awk '($<span class="hljs-type">NF</span> > <span class="hljs-number">3</span>){<span class="hljs-built_in">print</span> $<span class="hljs-number">7</span>}'|<span class="hljs-built_in">sort</span> -n|uniq -<span class="hljs-built_in">c</span>|<span class="hljs-built_in">sort</span> -nr|head -<span class="hljs-number">20</span>列出php页面请求时间超过3秒的页面,并统计其出现的次数,显示前100条
<span class="hljs-attribute">cat</span> access.log|awk <span class="hljs-string">'(<span class="hljs-variable">$NF</span> > 1 && <span class="hljs-variable">$7</span>~/\.php/){print <span class="hljs-variable">$7</span>}'</span>|sort -n|uniq -c|sort -nr|head -<span class="hljs-number">100</span>蜘蛛抓取统计
统计蜘蛛抓取次数
<span class="hljs-keyword">grep</span> <span class="hljs-string">'Baiduspider'</span> access.<span class="hljs-keyword">log</span> |wc -l统计蜘蛛抓取404的次数
<span class="hljs-keyword">grep</span> <span class="hljs-string">'Baiduspider'</span> access.<span class="hljs-keyword">log</span> |<span class="hljs-keyword">grep</span> <span class="hljs-string">'404'</span> | wc -lTCP连接统计
查看当前TCP连接数
netstat -tan | <span class="hljs-keyword">grep</span> <span class="hljs-string">"ESTABLISHED"</span> | <span class="hljs-keyword">grep</span> <span class="hljs-string">":80"</span> | wc -l用tcpdump嗅探80端口的访问看看谁最高
tcpdump -i eth0 -tnn dst port <span class="hljs-number">80</span> -<span class="hljs-built_in">c</span> <span class="hljs-number">1000</span> | awk -<span class="hljs-type">F</span>
<span class="hljs-string">"."</span> '{<span class="hljs-built_in">print</span> $<span class="hljs-number">1</span>
<span class="hljs-string">"."</span>$<span class="hljs-number">2</span>
<span class="hljs-string">"."</span>$<span class="hljs-number">3</span>
<span class="hljs-string">"."</span>$<span class="hljs-number">4</span>}' | <span class="hljs-built_in">sort</span> | uniq -<span class="hljs-built_in">c</span> | <span class="hljs-built_in">sort</span> -nr