smali-kazmi
/ web server log analysis cheat sheet
Created
November 9, 2022 14:56
— forked from hvelarde/web server log analysis cheat sheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # get total requests by status code | |
| awk '{print $9}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | |
| # get top requesters by IP | |
| awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head | awk -v OFS='\t' '{"host " $2 | getline ip; print $0, ip}' | |
| # get top requesters by user agent | |
| awk -F'"' '{print $6}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head | |
| # get top requests by URL |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cd ~ | |
| sudo apt-get update | |
| sudo apt-get install openjdk-7-jre-headless -y | |
| ### Check http://www.elasticsearch.org/download/ for latest version of ElasticSearch and replace wget link below | |
| # NEW WAY / EASY WAY | |
| wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.1.1.deb | |
| sudo dpkg -i elasticsearch-1.1.1.deb |