1、總請求數(shù)

wc -l access.log |awk '{print $1}'

2、獨立IP數(shù)

awk '{print $1}' access.log|sort |uniq |wc -l

3、每秒客戶端請求數(shù) TOP5

awk  -F'[ []' '{print $5}' access.log|sort|uniq -c|sort -rn|head -5

4、訪問最頻繁IP Top5

awk '{print $1}' access.log|sort |uniq -c | sort -rn |head -5

5、訪問最頻繁的URL TOP5

awk '{print $7}' access.log|sort |uniq -c | sort -rn |head -5

6、響應(yīng)大于10秒的URL TOP5

awk '{if ($12 > 10){print $7}}' access.log|sort|uniq -c|sort -rn |head -5

7、HTTP狀態(tài)碼(非200)統(tǒng)計 Top5

awk '{if ($13 != 200){print $13}}' access.log|sort|uniq -c|sort -rn|head -5

8、分析請求數(shù)大于50000的源IP的行為

awk '{print $1}' access.log|sort |uniq -c |sort -rn|awk '{if ($1 > 50000){print $2}}' > tmp.txt
for i in $(cat tmp.txt)
do
   echo $i  >> analysis.txt
   echo "訪問行為統(tǒng)計" >> analysis.txt
   grep $i  access.log|awk '{print $6}' |sort |uniq -c | sort -rn |head -5 >> analysis.txt
   echo "訪問接口統(tǒng)計" >> analysis.txt
   grep $i  access.log|awk '{print $7}' |sort |uniq -c | sort -rn |head -5 >> analysis.txt
   echo -e "\n"  >> /root/analysis/$Ydate.txt
done