Linux服务器Nginx日志分析

nginx访问日志文件access.log格式如下:

121.40.233.254 - - [14/Apr/2021:11:42:01 +0800] "GET /media/launch HTTP/1.1" 200 69 "-" "Go-http-client/1.1"
101.200.229.126 - - [14/Apr/2021:11:42:01 +0800] "POST /media/launch HTTP/1.1" 200 48 "-" "fasthttp"
39.107.57.71 - - [14/Apr/2021:11:42:01 +0800] "POST /media/launch HTTP/1.1" 499 0 "-" "fasthttp"
101.37.79.7 - - [14/Apr/2021:11:42:01 +0800] "GET /media/launch HTTP/1.1" 200 69 "-" "Go-http-client/1.1"
8.133.164.245 - - [14/Apr/2021:11:42:01 +0800] "POST /media/launch HTTP/1.1" 200 48 "-" "Java/1.8.0_221"
  1. 分析命令——访问次数最多的10个文件或页面?

    cat access.log | awk '{print $11}' | sort | uniq -c | sort -nr | head -10

  2. 统计GET /media/launch接口在某天的调用次数 -------有问题

    cat access.log | grep 'GET /media/launch' | wc -l

  3. 统计状态码非 200 的地址及其数量

    cat access.log | awk '{print $9,$10}' | awk 'BEGIN{count[$1]=0}($2!=200){count[$1]+=1}END{for(i in count) print(i, count[i])}'

  4. 统计ip访问次数前10

    awk -F '[[, ",?]' '{print $1,$5,$8,$9,$13}' access.log | sort | uniq -c | sort -k 1 -n -r |head -10

  5. 查看访问域名,并统计访问量(可查看是否有未知的域名记录)

    cat access.log | awk '{print $11}' | awk -F 'http://' '{print $2}' | awk -F '/' '{print $1}' | sort | uniq -c | sort -rn -k 1

  6. 统计每五分钟访问量

    awk -F: '{a[$2":"($3-$3%5)]++}END{for(i in a){split(i,t);print i" 至",t[1]":"t[2]+4," 访问 "a[i] " 次" | "sort -t: -k1n -k2n"}}' access.log

- End -




(2)
nginx