date: 2020-03-03title: nginx日志检索常用命令 #标题
tags: nginx日志检索 #标签
categories: nginx # 分类
查找特定时间点的日志
cat access.log | awk '$1 >="[21/Jul/2014:14:37:50" && $1 <="[21/Jul/2014:14:38:00"'
禁止特定IP访问
封掉此IP: iptables -t mangle -I PREROUTING -s 192.168.1.53 -j DROP解封命令: iptables -t mangle -D PREROUTING -s 192.168.1.53 -j DROP#查看mangle规则# 打印出行号iptables -t mangle -L --line-numbers |grep DROP# 通过编号删除一条规则iptables -t mangle -D PREROUTING 1
获取IP前10
awk '{print $7}' access.log | sort | uniq -c | sort -n | tail
计算文件中列的和
[root@test-host /tmp]# cat test.txt12345#求列的和awk 'BEGIN{sum=0}{sum+=$1}END{print sum}' test.txt
检索request_time 比较长的日志请求
# 匹配request_time大于1秒以上的请求日志中,并匹配hall的location匹配cat access.log | awk 'substr($10,2,5)>1 && $0~/hall/{print $0}' > lr2-response_long_access.log
统计nginx访问日志的QPS
tail -f access.log | awk '{print $3}' | awk 'BEGIN{key="";count=0}{if(key==$1){count++}else{printf("%s\t%d\r\n", key, count);count=1;key=$1}}'
根据访问IP统计UV
awk '{print $1}' access.log|sort | uniq -c |wc -l
根据URL统计PV
awk '{print $7}' access.log|wc -l
查询访问最频繁的URL
awk '{print $7}' access.log|sort | uniq -c |sort -n -k 1 -r|more
根据时间段统计查看日志
cat access.log| sed -n '/14\/Mar\/2015:21/,/14\/Mar\/2015:22/p'|more
截取30分钟内的日志信息
# 截取三十分钟日志_befor=$(date -d '-30 minutes' "+%F %T")_now=$(date "+%F %T")awk -F '\\[|\\]' -v _befor="${_befor}" -v _now="${_now}" '$2 > _befor && $2 < _now{print $0}' /var/log/nginx//access.log
tomcat日志访问url排名
cat /var/lb/logs/la?/hall/localhost_access_log.2019-03-12.txt | awk -F '\\[|\\]' '$2 > "12/Mar/2019:13:00:00" && $2 < "12/Mar/2019:13:59:59" && $0 !~ /health/{gsub("\?.*$", "");print} ' | awk '{print $6,$7}' | sort | uniq -c | sort -n | tail -20
若有收获,就点个赞吧
0 人点赞
