nginx访问日志文件access.log格式如下:
121.40.233.254 - - [14/Apr/2021:11:42:01 +0800] "GET /media/launch HTTP/1.1" 200 69 "-" "Go-http-client/1.1"
101.200.229.126 - - [14/Apr/2021:11:42:01 +0800] "POST /media/launch HTTP/1.1" 200 48 "-" "fasthttp"
39.107.57.71 - - [14/Apr/2021:11:42:01 +0800] "POST /media/launch HTTP/1.1" 499 0 "-" "fasthttp"
101.37.79.7 - - [14/Apr/2021:11:42:01 +0800] "GET /media/launch HTTP/1.1" 200 69 "-" "Go-http-client/1.1"
8.133.164.245 - - [14/Apr/2021:11:42:01 +0800] "POST /media/launch HTTP/1.1" 200 48 "-" "Java/1.8.0_221"
分析命令——访问次数最多的10个文件或页面?
cat access.log | awk \'{print $11}\' | sort | uniq -c | sort -nr | head -10
统计GET /media/launch接口在某天的调用次数 -------有问题
cat access.log | grep \'GET /media/launch\' | wc -l
统计状态码非 200 的地址及其数量
cat access.log | awk \'{print $9,$10}\' | awk \'BEGIN{count[$1]=0}($2!=200){count[$1]+=1}END{for(i in count) print(i, count[i])}\'
统计ip访问次数前10
awk -F \'[[, ",?]\' \'{print $1,$5,$8,$9,$13}\' access.log | sort | uniq -c | sort -k 1 -n -r |head -10
查看访问域名,并统计访问量(可查看是否有未知的域名记录)
cat access.log | awk \'{print $11}\' | awk -F \'http://\' \'{print $2}\' | awk -F \'/\' \'{print $1}\' | sort | uniq -c | sort -rn -k 1
统计每五分钟访问量
awk -F: \'{a[$2":"($3-$3%5)]++}END{for(i in a){split(i,t);print i" 至",t[1]":"t[2]+4," 访问 "a[i] " 次" | "sort -t: -k1n -k2n"}}\' access.log