Apache

Request per hour

cat access.log | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":00"}' | sort -n | uniq -c

Request per hour by date

grep "23/Jan" access.log | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":00"}' | sort -n | uniq -c

Request per hour by IP

grep "XX\.XX\.XX\.XX" access.log | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":00"}' | sort -n | uniq -c

Requests per minute

cat access.log | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":"$3}' | sort -nk1 -nk2 | uniq -c

Requests per minute for date

 grep "02/Nov/2017" access.log | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":"$3}' | sort -nk1 -nk2 | uniq -c

Requests per minute for url

grep "[url]" access.log | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":"$3}' | sort -nk1 -nk2 | uniq -c

Request per IP per minute

Sort uniq IP address in from Apache log

Sort uniq IP address in from Apache log and show IP location and Organization

Usage:

./script.sh access_ssl_log

PreviousData exfiltrationNextBash script collection

Last updated

Was this helpful?