尊龙凯时人生就是博

ÔõÑùʹÓÃLinux¾ÙÐÐÍøÂçÈÕÖ¾ÆÊÎö£¿

ÔõÑùʹÓÃlinux¾ÙÐÐÍøÂçÈÕÖ¾ÆÊÎö£¿

Ëæ×Å»¥ÁªÍøµÄ¿ìËÙÉú³¤ £¬ÍøÂçÈÕÖ¾ÆÊÎöÖð½¥³ÉΪÁËÐí¶àÆóÒµºÍ×éÖ¯±Ø²»¿ÉÉÙµÄÒ»ÏîÊÂÇ顣ͨ¹ýÍøÂçÈÕÖ¾ÆÊÎö £¬ÎÒÃÇ¿ÉÒÔÏàʶÓû§µÄÐÐΪ¡¢ÓÅ»¯ÍøÕ¾ÐÔÄÜ¡¢¼ì²âÍøÂç¹¥»÷µÈ¡£ÔÚ Linux ÇéÐÎÏ £¬ÎÒÃÇ¿ÉÒÔʹÓÃһЩǿʢµÄ¹¤¾ßÀ´¾ÙÐÐÍøÂçÈÕÖ¾ÆÊÎö £¬±¾ÎĽ«ÏÈÈÝÔõÑùʹÓÃÕâЩ¹¤¾ß¾ÙÐÐÍøÂçÈÕÖ¾ÆÊÎö¡£

×°ÖúÍÉèÖÃÈÕÖ¾ÍøÂ繤¾ß

Ê×ÏÈ £¬ÎÒÃÇÐèҪװÖÃÒ»¸öÈÕÖ¾ÍøÂ繤¾ß £¬ÀýÈç rsyslog »ò syslog-ng¡£ÕâЩ¹¤¾ß¿ÉÒÔ×ÊÖúÎÒÃǽ«ÈÕÖ¾´Ó²î±ðµÄȪԴÍøÂçµ½Ò»ÆäÖÐÑëÈÕ־ЧÀÍÆ÷ÉÏ¡£ÔÚ Ubuntu ϵͳÉÏ £¬¿ÉÒÔʹÓÃÒÔÏÂÏÂÁî×°Öà rsyslog£º

sudo apt-get update
sudo apt-get install rsyslog

µÇ¼ºó¸´ÖÆ

×°ÖÃÍê³Éºó £¬ÎÒÃÇÐèÒª¾ÙÐÐÉèÖ᣷­¿ª rsyslog µÄÉèÖÃÎļþ /etc/rsyslog.conf £¬Ìí¼ÓÏÂÃæµÄÉèÖãº

# ½«ÐÂÎÅת·¢µ½Ô¶³ÌÈÕ־ЧÀÍÆ÷
*.* @Ô¶³ÌЧÀÍÆ÷IPµØµã:514

µÇ¼ºó¸´ÖÆ

½« “Ô¶³ÌЧÀÍÆ÷IPµØµã” Ì滻ΪÄãµÄÖÐÑëÈÕ־ЧÀÍÆ÷µÄ IP µØµã¡£ÉúÑÄÉèÖÃÎļþºó £¬ÖØÆô rsyslog ЧÀÍ£º

sudo service rsyslog restart

µÇ¼ºó¸´ÖÆ

ÆÊÎöÈÕÖ¾

Ò»µ©ÉèÖúÃÁËÈÕÖ¾ÍøÂ繤¾ß £¬ÎÒÃǾͿÉÒÔ×îÏÈÆÊÎöÈÕÖ¾ÁË¡£ÔÚ Linux ÇéÐÎÏ £¬ÓÐһЩǿʢµÄ¹¤¾ß¿ÉÒÔ×ÊÖúÎÒÃǾÙÐÐÍøÂçÈÕÖ¾ÆÊÎö £¬ÀýÈç grep¡¢awk¡¢sed ºÍ Perl µÈ¡£

2.1 ʹÓà grep ¾ÙÐйýÂË

grep ÊÇÒ»¸öÇ¿Ê¢µÄÎı¾¹ýÂ˹¤¾ß £¬ÎÒÃÇ¿ÉÒÔʹÓÃËüÀ´¹ýÂ˲¢ÌáÈ¡¸ÐÐËȤµÄÈÕÖ¾ÐС£ÒÔÏÂÊÇһЩ³£ÓÃµÄ grep ÏÂÁîʾÀý£º

# ¹ýÂË°üÀ¨Òªº¦×Ö "error" µÄÈÕÖ¾ÐÐ
grep "error" /var/log/syslog

# ¹ýÂË»á¼ûÈÕÖ¾ÖÐµÄ IP µØµã
grep -oE "([0-9]{1,3}.){3}[0-9]{1,3}" /var/log/apache/access.log

# ͳ¼Æ°üÀ¨Òªº¦×Ö "GET" µÄÈÕÖ¾ÐÐÊý
grep -c "GET" /var/log/apache/access.log

µÇ¼ºó¸´ÖÆ

2.2 ʹÓà awk ¾ÙÐÐÊý¾ÝÌáÈ¡ºÍÆÊÎö

awk ÊÇÒ»ÖÖÇ¿Ê¢µÄÎı¾´¦Àí¹¤¾ß £¬¿ÉÒÔ×ÊÖúÎÒÃǶÔÈÕÖ¾¾ÙÐÐÊý¾ÝÌáÈ¡ºÍÆÊÎö¡£ÒÔÏÂÊÇһЩ³£ÓÃµÄ awk ÏÂÁîʾÀý£º

# ÌáÈ¡»á¼ûÈÕÖ¾ÖеÄÈÕÆÚºÍʱ¼ä
awk '{print $4}' /var/log/apache/access.log

# ͳ¼Æ»á¼ûÈÕÖ¾ÖÐÿ¸ö IP µÄ»á¼û´ÎÊý
awk '{++count[$1]} END {for (ip in count) print ip, count[ip]}' /var/log/apache/access.log

µÇ¼ºó¸´ÖÆ

2.3 ʹÓà sed ¾ÙÐÐÈÕÖ¾Ìæ»»ºÍ±à¼­

sed ÊÇÒ»¸öÇ¿Ê¢µÄÁ÷ʽÎı¾±à¼­Æ÷ £¬¿ÉÒÔ×ÊÖúÎÒÃǶÔÈÕÖ¾¾ÙÐÐÌæ»»ºÍ±à¼­¡£ÒÔÏÂÊÇһЩ³£ÓÃµÄ sed ÏÂÁîʾÀý£º

# Ìæ»»»á¼ûÈÕÖ¾ÖÐµÄ IP µØµã
sed 's/[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}/IPµØµã/g' /var/log/apache/access.log

# ɾ³ý»á¼ûÈÕÖ¾ÖеĿÕȱÐÐ
sed '/^s*$/d' /var/log/apache/access.log

µÇ¼ºó¸´ÖÆ

2.4 ʹÓà Perl ¾ÙÐи߼¶Êý¾Ý´¦Àí

Perl ÊÇÒ»ÖÖÇ¿Ê¢µÄ¾ç±¾ÓïÑÔ £¬¿ÉÒÔ×ÊÖúÎÒÃǾÙÐи߼¶µÄÊý¾Ý´¦ÀíºÍÆÊÎö¡£ÒÔÏÂÊÇÒ»¸ö¼òÆ Perl ¾ç±¾Ê¾Àý £¬ÓÃÓÚͳ¼Æ»á¼ûÈÕÖ¾ÖÐÿ¸ö IP µØµãµÄ»á¼û´ÎÊý£º

#!/usr/bin/perl

use strict;
use warnings;

my %count;

while (<>) {
    chomp;
    my ($ip) = $_ =~ /(d+.d+.d+.d+)/;
    ++$count{$ip};
}

foreach my $ip (keys %count) {
    print "$ip: $count{$ip}
";
}

µÇ¼ºó¸´ÖÆ

ÉúÑÄÉÏÊö¾ç±¾Îª log_analysis.pl £¬È»ºóÔËÐÐÒÔÏÂÏÂÁ

perl log_analysis.pl /var/log/apache/access.log

µÇ¼ºó¸´ÖÆ

ÒÔÉÏÊÇһЩ³£ÓõŤ¾ßºÍÏÂÁîʾÀý £¬×ÊÖúÄã¾ÙÐÐÍøÂçÈÕÖ¾ÆÊÎö¡£ËäÈ» £¬ÕâÖ»ÊÇÍøÂçÈÕÖ¾ÆÊÎöµÄÈëÃż¶ÄÚÈÝ £¬ÉÐÓÐÐí¶à¸ü¸ß¼¶ºÍÖØ´óµÄÆÊÎöÊÖÒպ͹¤¾ßÆÚ´ýÄãȥ̽Ë÷¡£Ï£Íû±¾ÎĶÔÄãÓÐËù×ÊÖú £¬×£ÄãÔÚ Linux ÇéÐÎÏÂÍøÂçÈÕÖ¾ÆÊÎöÊÂÇé˳Ë죡

ÒÔÉϾÍÊÇÔõÑùʹÓÃLinux¾ÙÐÐÍøÂçÈÕÖ¾ÆÊÎö£¿µÄÏêϸÄÚÈÝ £¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡

ÃâÔð˵Ã÷£ºÒÔÉÏչʾÄÚÈÝȪԴÓÚÏàÖúýÌå¡¢ÆóÒµ»ú¹¹¡¢ÍøÓÑÌṩ»òÍøÂçÍøÂçÕûÀí £¬°æȨÕùÒéÓë±¾Õ¾ÎÞ¹Ø £¬ÎÄÕÂÉæ¼°¿´·¨Óë¿´·¨²»´ú±í尊龙凯时人生就是博ÂËÓÍ»úÍø¹Ù·½Ì¬¶È £¬Çë¶ÁÕß½ö×ö²Î¿¼¡£±¾ÎĽӴýתÔØ £¬×ªÔØÇë˵Ã÷À´ÓÉ¡£ÈôÄúÒÔΪ±¾ÎÄÇÖÕ¼ÁËÄúµÄ°æȨÐÅÏ¢ £¬»òÄú·¢Ã÷¸ÃÄÚÈÝÓÐÈκÎÉæ¼°ÓÐÎ¥¹«µÂ¡¢Ã°·¸Ö´·¨µÈÎ¥·¨ÐÅÏ¢ £¬ÇëÄúÁ¬Ã¦ÁªÏµ尊龙凯时人生就是博ʵʱÐÞÕý»òɾ³ý¡£

Ïà¹ØÐÂÎÅ

ÁªÏµ尊龙凯时人生就是博

18523999891

¿É΢ÐÅÔÚÏß×Éѯ

ÊÂÇéʱ¼ä£ºÖÜÒ»ÖÁÖÜÎå £¬9:30-18:30 £¬½ÚãåÈÕÐÝÏ¢

QR code
sitemap¡¢ÍøÕ¾µØͼ