Login to your server via SSH.
Navigate to your /access-logs directory with the following command, in this example our username is userna5:
cd ~userna5/access-logs
Run the following command to view what Apache access logs are currently in the directory:
ls -lahtr
You should get back a listing similar to this:
drwxr-xr-x 3 root at0m 4.0K Dec 31 16:47 .
drwx--x--x 9 root wheel 4.0K Jan 4 06:01 ..
-rw-r----- 2 root at0m 15K Jan 9 05:09 ftp.example.com-ftp_log
-rw-r----- 2 root at0m 3M Jan 23 13:10 example.com
Scripts for view Apache requests per day
Run the following command to see requests per day:
awk '{print $4}' example.com | cut -d: -f1 | uniq -c
Code breakdown:
awk '{print $4}' example.com Use the awk command to print out the $4th column of data from the Apache access log which is the time stamp.
cut -d: -f1 | uniq -c Use the cut command with the -delimter set to a colon : and grab the -field of data that shows up 1st before the delimiter. Then use the uniq -c command to uniquely count up the hits.
You should get back something like this:
6095 [20/Jan/2013
7281 [21/Jan/2013
6517 [22/Jan/2013
5278 [23/Jan/2013
Scripts for view Apache requests per hour
Run the following command to see requests per hour:
grep "23/Jan" progolfdeal.com | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":00"}' | sort -n | uniq -c
Code breakdown:
grep "23/Jan" progolfdeal.com Use the grep command to only show hits from today from the Apache access log.
cut -d[ -f2 | cut -d] -f1 Use the cut command with the -delimter set to an opening bracket [ and print out the -field of data that shows up 2nd, then use the cut command again with the -delimter set to a closing bracket ] and print out the -field of data that shows up 1st which gives us just the time stamp.
awk -F: '{print $2":00"}' Use the awk command with the -Field delimiter set to a colon :, then print out the $2nd column of data which is the hour, and append ":00" to the end of it.
sort -n | uniq -c Finally sort the hours numerically, and then uniquely count them up.
You should get back something like this:
200 00:00
417 01:00
244 02:00
242 03:00
344 04:00
402 05:00
522 06:00
456 07:00
490 08:00
438 09:00
430 10:00
357 11:00
284 12:00
391 13:00
163 14:00
Scripts for view Apache requests per minute
Run the following command to see requests per minute:
grep "23/Jan/2013:06" example.com | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":"$3}' | sort -nk1 -nk2 | uniq -c | awk '{ if ($1 > 10) print $0}'
Code breakdown:
grep "23/Jan/2013:06" example.com Use the grep command to only show hits from today during the 06th hour from our Apache access log.
cut -d[ -f2 | cut -d] -f1 Use the cut command with the -delimter set to an opening bracket [ and print out the -field of data that shows up 2nd, then use the cut command again with the -delimter set to a closing bracket ] and print out the -field of data that shows up 1st which gives us just the time stamp.
awk -F: '{print $2":"$3}' Use the awk command with the -Field delimiter set to a colon :, then print out the $2nd column which is the hour, follwed by the $3th colum which is the minute.
sort -nk1 -nk2 | uniq -c Sort the hits numerically by the 1st column which is the hour, then by the 2nd column which is the minute.
awk '{ if ($1 > 10) print $0}' Finally use the awk command with an if statment to only print out data when the $1st colum which is the number of hits in a minute is greater than 10.
You should get back something similar to this:
12 06:10
11 06:11
16 06:12
13 06:20
11 06:21
12 06:28
12 06:30
16 06:31
14 06:39
11 06:40
15 06:52
32 06:53
43 06:54
14 06:55
