linux Nginx 日志脚本
linux Nginx 日志脚本
发布时间:2016-12-28 来源:查字典编辑
摘要:任务计划crontab-l115***/home/dongnan/sh/split.sh>>/home/dongnan/sh/cron.lo...

任务计划

crontab -l

1 15 * * * /home/dongnan/sh/split.sh >> /home/dongnan/sh/cron.log 2>&

nginx 日志

ls /var/log/nginx/

20130730-access.log.gz 20130801-access.log.gz 20130803-access.log.gz

20130730-error.log.gz 20130801-error.log.gz 20130803-error.log.gz

20130731-access.log.gz 20130802-access.log.gz access.log

20130731-error.log.gz 20130802-error.log.gz error.log

shell 脚本

cat split.sh

复制代码 代码如下:

#!/bin/bash

#script_name:nginx_log.sh

#description:nginx-log deleted/rotate/compress

#last_update:20130725 by zongming

#Nginx

#Signal Action

#TERM, INT Terminate the server immediately

#QUIT Stop the server

#HUP Configuration changes, start new workers, graceful stop of old workers

#USR1 Reopen log files

#USR2 Upgrade the server executable

#WINCH Graceful Stop (parent process advise the children to exit)

#variables

log_dir=/var/log/nginx/

log_date=$(date +"%Y%m%d")

nginx_pid=/var/run/nginx.pid

keep_days=30

#old_log

find "$log_dir" -name "*.log.gz" -type f -mtime +"${keep_days}" -exec rm -rf {} ;

#rename_log

for log_name in `ls "$log_dir" | awk '/.log$/'`;do

if [ -e "${log_dir}${log_date}-${log_name}" ];then

echo "${log_dir}${log_date}-${log_name} Already exists" && continue

else

/bin/mv "${log_dir}${log_name}" "${log_dir}${log_date}-${log_name}"

/bin/gzip "${log_dir}${log_date}-${log_name}"

fi

done

#new_log

/bin/kill -USR1 $(cat $nginx_pid) && /bin/sleep 1

nginx日志切割脚本:

vi /root/cutlog.sh

复制代码 代码如下:

#!/bin/bash

I=`ps aux | grep nginx | grep root | grep -v 'grep nginx' | awk '{print $14}'` #查找nginx进程

if [ $I == /usr/local/nginx/sbin/nginx ];then

ACCLOG=`cat /usr/local/nginx/conf/nginx.conf | grep ' access_log' | awk '{print $2}'` #如果nginx进程在,就找到配置文件,读取accesslog路径

ERRLOG=`cat /usr/local/nginx/conf/nginx.conf| grep ^error | awk '{print $2}'| cut -d";" -f1` #错误日志的路径

ls $ACCLOG #查看是否有此文件

if [ $? -eq 0 ];then #如果有

mv $ACCLOG $ACCLOG.`date -d "-1 day" +%F` #重命名当前日志

mv $ERRLOG $ERRLOG.`date -d "-1 day" +%F`

touch $ACCLOG #创建空日志

touch $ERRLOG

chown nginx:root $ACCLOG #修改属主

chown nginx:root $ERRLOG

[ -f /usr/local/nginx/logs/nginx.pid ] && kill -USR1 `cat /usr/local/nginx/logs/nginx.pid` #判断进程,并重新加载(这里的kill -USR1会使nginx将新产生的日志写到刚创建的新日志里面。)

/mnt/logs/checklog.sh $ACCLOG.`date "-1 day" +%F` #这个是日志分析脚本

gzip $ACCLOG.`date -d "-1 day" +%F` #压缩日志

gzip $ERRLOG.`date -d "-1 day" +%F`

mv $ACCLOG.`date -d "-10 day" +%F`.* /mnt/history.nginx.log/ #将10天前的老日志清理到其他地方,(你们如果想删除的可以自己改成删除)

mv $ERRLOG.`date -d "-10 day" +%F`.* /mnt/history.nginx.log/

fi

fi

nginx日志分析脚本:

vi /mnt/logs/checklog.sh

复制代码 代码如下:

#!/bin/bash

echo -e "####################`date +%F`" >> /mnt/logs/400.txt

echo -e "####################`date +%F`" >> /mnt/logs/URL.txt

echo -e "####################`date +%F`" >> /mnt/logs/IP.txt

cat $1 | wc -l >> /mnt/logs/IP.txt #分析IP

cat $1 | awk -F'"' '{print $3}' | awk '{print $1}' | sort | uniq -c| sort -rn > /mnt/logs/CODE.txt #分析返回值

cat $1 | awk '{print $1}' | sort | uniq -c| sort -rn | head -n20 >> /mnt/logs/IP.txt

N=`cat /mnt/logs/CODE.txt | wc -l`

for I in $(seq 1 $N)

do

M=`head -n$I /mnt/logs/CODE.txt | tail -n1 | awk '{print $2}'`

if [ $M -ge 400 ]

then

echo "#####FIND $M###############">>/mnt/logs/400.txt #分析错误请求

cat $1 | grep "" $M " | grep -v ' "-" "-" - ' | sort | awk '{print $1 $2 $3 $6 $7 $8 $9 $10 $11 $12 $13 $14 $15 $16 $17 $18 $19 $20 $21}' | sort | uniq -c | sort -rn | head -n5 >> /mnt/logs/400.txt

fi

done

cat $1 | grep -v ' "-" "-" - ' | awk -F'T' '{print $2}' | awk -F'?' '{print $1}' | sort |awk '{print $1}' | sed 's/(/review/file/download/).*/1/g' | sort | uniq -c | sort -rn | head -n20 >> /mnt/logs/URL.txt

推荐文章
猜你喜欢
附近的人在看
推荐阅读
拓展阅读
相关阅读
网友关注
最新linuxshell学习
热门linuxshell学习
脚本专栏子分类