|
@@ -1,7 +1,17 @@
|
|
|
|
+## Simple shell-based log analysis
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+#### Define hostname
|
|
|
|
+```
|
|
|
|
+vhost_name="www\.example\.com"
|
|
|
|
+vhost_name="fam\.s-up\.net"
|
|
|
|
+```
|
|
|
|
+
|
|
#### Group by IP since 24h
|
|
#### Group by IP since 24h
|
|
```
|
|
```
|
|
docker logs reverse-proxy --since 24h 2>&1 \
|
|
docker logs reverse-proxy --since 24h 2>&1 \
|
|
-| grep -e "fam\.s-up\.net" \
|
|
|
|
|
|
+| grep -e $vhost_name \
|
|
| grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" \
|
|
| grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" \
|
|
| sort \
|
|
| sort \
|
|
| uniq -c
|
|
| uniq -c
|
|
@@ -12,7 +22,7 @@ docker logs reverse-proxy --since 24h 2>&1 \
|
|
```
|
|
```
|
|
for ip in `
|
|
for ip in `
|
|
docker logs reverse-proxy 2>&1 \
|
|
docker logs reverse-proxy 2>&1 \
|
|
- | grep -e "fam\.s-up\.net" \
|
|
|
|
|
|
+ | grep -e $vhost_name \
|
|
| grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" \
|
|
| grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" \
|
|
| sort \
|
|
| sort \
|
|
| uniq`; do echo "$ip" `dig -x $ip +short`; done
|
|
| uniq`; do echo "$ip" `dig -x $ip +short`; done
|
|
@@ -21,9 +31,8 @@ for ip in `
|
|
#### Visites sites
|
|
#### Visites sites
|
|
```
|
|
```
|
|
docker logs reverse-proxy 2>&1 \
|
|
docker logs reverse-proxy 2>&1 \
|
|
- | grep -e "fam\.s-up\.net" \
|
|
|
|
|
|
+ | grep -e $vhost_name \
|
|
| grep -oE '[a-z]*.php' \
|
|
| grep -oE '[a-z]*.php' \
|
|
| sort \
|
|
| sort \
|
|
| uniq -c
|
|
| uniq -c
|
|
-```
|
|
|
|
-
|
|
|
|
|
|
+```
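Review bot: `$vhost_name` is expanded unquoted in all three new `grep -e $vhost_name` lines (the 24h group-by-IP pipeline, the `for ip in` loop and the "Visites sites" pipeline). An unset or empty value therefore leaves `grep -e` with no pattern at all, and a value containing spaces or glob characters is split or expanded by the shell before grep sees it; use `| grep -e "$vhost_name" \` in each place. The added "Define hostname" block also assigns `vhost_name` twice, so pasting it as-is always ends with `fam\.s-up\.net` and the counts silently describe that vhost rather than the one the reader meant to inspect. Keeping a single assignment and showing the other as a comment, e.g. `# vhost_name="www\.example\.com"`, would make the choice explicit. It would also help to state in that section that the variable must be set in the same shell session as the commands below it.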
|