Get Unique IP Address and # of Access The Next CEO of Stack OverflowOpen source scripting log analysis: tools for breaking stderr log messages into groups (normal bugs vs abnormal) or looking at trends (we're getting less of this message and more of that one)TCP performance differences between RH Linux and Solaris in java?High load on X3220 Quad Core Linux Apache serverhigh load average, high wait, dmesg raid error messages (debian nfs server)How can I get unique IPv4 and IPv6 visitor counts on nginx access.log in shell?Tracing down High Linux Load - HDD at fault or too many interrupts ? (ksoftirqd Time 437:44.13)Apache MySQL Server Crashing - Large number of connections from localhostSSH config (~/.ssh/config) - advanced configurationMySQL exits without any outputCheck if a constant file request is flooding the server
Why did CATV standarize in 75 ohms and everyone else in 50?
Why, when going from special to general relativity, do we just replace partial derivatives with covariant derivatives?
If Nick Fury and Coulson already knew about aliens (Kree and Skrull) why did they wait until Thor's appearance to start making weapons?
Easy to read palindrome checker
Chain wire methods together in Lightning Web Components
Should I cite using beginthebibliography or beginfilecontents*
I want to delete every two lines after 3rd lines in file contain very large number of lines :
Some questions about different axiomatic systems for neighbourhoods
WOW air has ceased operation, can I get my tickets refunded?
Why doesn't UK go for the same deal Japan has with EU to resolve Brexit?
Why don't programming languages automatically manage the synchronous/asynchronous problem?
Unclear about dynamic binding
Do I need to write [sic] when a number is less than 10 but isn't written out?
Bartok - Syncopation (1): Meaning of notes in between Grand Staff
Why is information "lost" when it got into a black hole?
Can MTA send mail via a relay without being told so?
How did people program for Consoles with multiple CPUs?
INSERT to a table from a database to other (same SQL Server) using Dynamic SQL
Powershell. How to parse gci Name?
Is there always a complete, orthogonal set of unitary matrices?
What happened in Rome, when the western empire "fell"?
Reference request: Grassmannian and Plucker coordinates in type B, C, D
What flight has the highest ratio of time difference to flight time?
Solving system of ODEs with extra parameter
Get Unique IP Address and # of Access
The Next CEO of Stack OverflowOpen source scripting log analysis: tools for breaking stderr log messages into groups (normal bugs vs abnormal) or looking at trends (we're getting less of this message and more of that one)TCP performance differences between RH Linux and Solaris in java?High load on X3220 Quad Core Linux Apache serverhigh load average, high wait, dmesg raid error messages (debian nfs server)How can I get unique IPv4 and IPv6 visitor counts on nginx access.log in shell?Tracing down High Linux Load - HDD at fault or too many interrupts ? (ksoftirqd Time 437:44.13)Apache MySQL Server Crashing - Large number of connections from localhostSSH config (~/.ssh/config) - advanced configurationMySQL exits without any outputCheck if a constant file request is flooding the server
I found the following code to see which IP Addresses has the highest hits:
FILE=access.log; for ip in
cat $FILE |cut -d ' ' -f 1 |sort |uniq; do COUNT=grep ^$ip $FILE ; done
The above code displays the IP address with more than 500 hits (i.e. access on the site by opening the URL)
But that script is too slow. Is there any other code that create the same output?
Plus, how to display the top 10 results only that has the highest hits or access on the URL?
linux ubuntu-12.04 logging
asked Jul 11 '13 at 13:09
jaYPabsjaYPabs
1141214
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
I found the following code to see which IP Addresses has the highest hits:
FILE=access.log; for ip in
cat $FILE |cut -d ' ' -f 1 |sort |uniq; do COUNT=grep ^$ip $FILE ; done
The above code displays the IP address with more than 500 hits (i.e. access on the site by opening the URL)
But that script is too slow. Is there any other code that create the same output?
Plus, how to display the top 10 results only that has the highest hits or access on the URL?
linux ubuntu-12.04 logging
asked Jul 11 '13 at 13:09
jaYPabsjaYPabs
1141214
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
how big is the access.log file?
– tony roth
Jul 11 '13 at 13:56
Average 125MB/day..
– jaYPabs
Jul 11 '13 at 13:57
Try log aggregation with Logstash and Kibana.
– Tom O'Connor
Jul 11 '13 at 14:35
1
Short answer: yes.cut -d' ' -f1 access.log | sort | uniq -c | awk '$1 ~ /[5-9][0-9][0-9]|[0-9][0-9][0-9][0-9]+/'. Only reads through your access log once rather than once per IP address. You can add| sort -non the end if you want them sorted by hits.
– Ladadadada
Jul 11 '13 at 15:23
add a comment |
I found the following code to see which IP Addresses has the highest hits:
FILE=access.log; for ip in
cat $FILE |cut -d ' ' -f 1 |sort |uniq; do COUNT=grep ^$ip $FILE ; done
The above code displays the IP address with more than 500 hits (i.e. access on the site by opening the URL)
But that script is too slow. Is there any other code that create the same output?
Plus, how to display the top 10 results only that has the highest hits or access on the URL?
linux ubuntu-12.04 logging
asked Jul 11 '13 at 13:09
jaYPabsjaYPabs
1141214
I found the following code to see which IP Addresses has the highest hits:
FILE=access.log; for ip in
cat $FILE |cut -d ' ' -f 1 |sort |uniq; do COUNT=grep ^$ip $FILE ; done
The above code displays the IP address with more than 500 hits (i.e. access on the site by opening the URL)
But that script is too slow. Is there any other code that create the same output?
Plus, how to display the top 10 results only that has the highest hits or access on the URL?
linux ubuntu-12.04 logging
linux ubuntu-12.04 logging
asked Jul 11 '13 at 13:09
jaYPabsjaYPabs
1141214
asked Jul 11 '13 at 13:09
jaYPabsjaYPabs
1141214
edited Jul 11 '13 at 14:12
jaYPabs
asked Jul 11 '13 at 13:09
jaYPabsjaYPabs
1141214
asked Jul 11 '13 at 13:09
jaYPabsjaYPabs
1141214
asked Jul 11 '13 at 13:09
jaYPabsjaYPabs
1141214
1141214
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
how big is the access.log file?
– tony roth
Jul 11 '13 at 13:56
Average 125MB/day..
– jaYPabs
Jul 11 '13 at 13:57
Try log aggregation with Logstash and Kibana.
– Tom O'Connor
Jul 11 '13 at 14:35
1
Short answer: yes.cut -d' ' -f1 access.log | sort | uniq -c | awk '$1 ~ /[5-9][0-9][0-9]|[0-9][0-9][0-9][0-9]+/'. Only reads through your access log once rather than once per IP address. You can add| sort -non the end if you want them sorted by hits.
– Ladadadada
Jul 11 '13 at 15:23
add a comment |
how big is the access.log file?
– tony roth
Jul 11 '13 at 13:56
Average 125MB/day..
– jaYPabs
Jul 11 '13 at 13:57
Try log aggregation with Logstash and Kibana.
– Tom O'Connor
Jul 11 '13 at 14:35
1
Short answer: yes.cut -d' ' -f1 access.log | sort | uniq -c | awk '$1 ~ /[5-9][0-9][0-9]|[0-9][0-9][0-9][0-9]+/'. Only reads through your access log once rather than once per IP address. You can add| sort -non the end if you want them sorted by hits.
– Ladadadada
Jul 11 '13 at 15:23
how big is the access.log file?
– tony roth
Jul 11 '13 at 13:56
how big is the access.log file?
– tony roth
Jul 11 '13 at 13:56
Average 125MB/day..
– jaYPabs
Jul 11 '13 at 13:57
Average 125MB/day..
– jaYPabs
Jul 11 '13 at 13:57
Try log aggregation with Logstash and Kibana.
– Tom O'Connor
Jul 11 '13 at 14:35
Try log aggregation with Logstash and Kibana.
– Tom O'Connor
Jul 11 '13 at 14:35
1
1
Short answer: yes.
cut -d' ' -f1 access.log | sort | uniq -c | awk '$1 ~ /[5-9][0-9][0-9]|[0-9][0-9][0-9][0-9]+/'. Only reads through your access log once rather than once per IP address. You can add | sort -n on the end if you want them sorted by hits.– Ladadadada
Jul 11 '13 at 15:23
Short answer: yes.
cut -d' ' -f1 access.log | sort | uniq -c | awk '$1 ~ /[5-9][0-9][0-9]|[0-9][0-9][0-9][0-9]+/'. Only reads through your access log once rather than once per IP address. You can add | sort -n on the end if you want them sorted by hits.– Ladadadada
Jul 11 '13 at 15:23
add a comment |
1 Answer
1
active
oldest
votes
You're re-inventing the wheel. Try this:
sed -e 's/([0-9]+.[0-9]+.[0-9]+.[0-9]+).*$/1/' -e t -e d access.log | sort | uniq -c
answered Jul 11 '13 at 14:00
SatanicpuppySatanicpuppy
5,52811216
Thanks. How to get top 10 or top 20 only with highest hits?
– jaYPabs
Jul 11 '13 at 14:02
Just add '| head -n 20' to the end of the command above.
– slhsen
Dec 30 '15 at 13:56
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f522529%2fget-unique-ip-address-and-of-access%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You're re-inventing the wheel. Try this:
sed -e 's/([0-9]+.[0-9]+.[0-9]+.[0-9]+).*$/1/' -e t -e d access.log | sort | uniq -c
answered Jul 11 '13 at 14:00
SatanicpuppySatanicpuppy
5,52811216
Thanks. How to get top 10 or top 20 only with highest hits?
– jaYPabs
Jul 11 '13 at 14:02
Just add '| head -n 20' to the end of the command above.
– slhsen
Dec 30 '15 at 13:56
add a comment |
You're re-inventing the wheel. Try this:
sed -e 's/([0-9]+.[0-9]+.[0-9]+.[0-9]+).*$/1/' -e t -e d access.log | sort | uniq -c
answered Jul 11 '13 at 14:00
SatanicpuppySatanicpuppy
5,52811216
Thanks. How to get top 10 or top 20 only with highest hits?
– jaYPabs
Jul 11 '13 at 14:02
Just add '| head -n 20' to the end of the command above.
– slhsen
Dec 30 '15 at 13:56
add a comment |
You're re-inventing the wheel. Try this:
sed -e 's/([0-9]+.[0-9]+.[0-9]+.[0-9]+).*$/1/' -e t -e d access.log | sort | uniq -c
answered Jul 11 '13 at 14:00
SatanicpuppySatanicpuppy
5,52811216
You're re-inventing the wheel. Try this:
sed -e 's/([0-9]+.[0-9]+.[0-9]+.[0-9]+).*$/1/' -e t -e d access.log | sort | uniq -c
answered Jul 11 '13 at 14:00
SatanicpuppySatanicpuppy
5,52811216
answered Jul 11 '13 at 14:00
SatanicpuppySatanicpuppy
5,52811216
answered Jul 11 '13 at 14:00
SatanicpuppySatanicpuppy
5,52811216
answered Jul 11 '13 at 14:00
SatanicpuppySatanicpuppy
5,52811216
5,52811216
Thanks. How to get top 10 or top 20 only with highest hits?
– jaYPabs
Jul 11 '13 at 14:02
Just add '| head -n 20' to the end of the command above.
– slhsen
Dec 30 '15 at 13:56
add a comment |
Thanks. How to get top 10 or top 20 only with highest hits?
– jaYPabs
Jul 11 '13 at 14:02
Just add '| head -n 20' to the end of the command above.
– slhsen
Dec 30 '15 at 13:56
Thanks. How to get top 10 or top 20 only with highest hits?
– jaYPabs
Jul 11 '13 at 14:02
Thanks. How to get top 10 or top 20 only with highest hits?
– jaYPabs
Jul 11 '13 at 14:02
Just add '| head -n 20' to the end of the command above.
– slhsen
Dec 30 '15 at 13:56
Just add '| head -n 20' to the end of the command above.
– slhsen
Dec 30 '15 at 13:56
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f522529%2fget-unique-ip-address-and-of-access%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
how big is the access.log file?
– tony roth
Jul 11 '13 at 13:56
Average 125MB/day..
– jaYPabs
Jul 11 '13 at 13:57
Try log aggregation with Logstash and Kibana.
– Tom O'Connor
Jul 11 '13 at 14:35
1
Short answer: yes.
cut -d' ' -f1 access.log | sort | uniq -c | awk '$1 ~ /[5-9][0-9][0-9]|[0-9][0-9][0-9][0-9]+/'. Only reads through your access log once rather than once per IP address. You can add| sort -non the end if you want them sorted by hits.– Ladadadada
Jul 11 '13 at 15:23