Difference between revisions of "View Domlogs for top visitors"
From James Dooley's Wiki
(→What to change) |
|||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| + | [[Category:One Liners]] | ||
==Overview== | ==Overview== | ||
Enter a partial date string to get top visitors during that period. Will also return site and all user agents that IP has used. | Enter a partial date string to get top visitors during that period. Will also return site and all user agents that IP has used. | ||
| Line 4: | Line 5: | ||
===Standard=== | ===Standard=== | ||
| − | < | + | <source lang='bash'> |
| − | for i in $(grep $datestring /usr/local/apache/domlogs/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \ | + | echo "Date String [31/Mar/2011:13:4]"; read datestring; \ |
| + | for i in $(grep $datestring /usr/local/apache/domlogs/*/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \ | ||
do count=`echo $i | cut -d: -f1`; \ | do count=`echo $i | cut -d: -f1`; \ | ||
ip=`echo $i | cut -d: -f3`; \ | ip=`echo $i | cut -d: -f3`; \ | ||
domain=`echo $i | cut -d: -f2`; \ | domain=`echo $i | cut -d: -f2`; \ | ||
agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \ | agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \ | ||
| − | echo -e "$count $ip $domain $agent"; done </ | + | echo -e "$count $ip $domain $agent"; done |
| + | </source> | ||
===Auto Date=== | ===Auto Date=== | ||
| − | < | + | <source lang='bash'> |
| − | for i in $(grep $datestring /usr/local/apache/domlogs/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \ | + | datestring=`date | awk '{print $3 "/" $2 "/" $6 ":" $4}' | sed 's/....$//'`; \ |
| + | for i in $(grep $datestring /usr/local/apache/domlogs/*/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \ | ||
do count=`echo $i | cut -d: -f1`; \ | do count=`echo $i | cut -d: -f1`; \ | ||
ip=`echo $i | cut -d: -f3`; \ | ip=`echo $i | cut -d: -f3`; \ | ||
domain=`echo $i | cut -d: -f2`; \ | domain=`echo $i | cut -d: -f2`; \ | ||
agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \ | agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \ | ||
| − | echo -e "$count $ip $domain $agent"; done </ | + | echo -e "$count $ip $domain $agent"; done |
| + | </source> | ||
===Auto Date (Minus 10m)=== | ===Auto Date (Minus 10m)=== | ||
| − | < | + | <source lang='bash'> |
| − | for i in $(grep $datestring /usr/local/apache/domlogs/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \ | + | datestring=`date -d "10 min ago" | awk '{print $3 "/" $2 "/" $6 ":" $4}' | sed 's/....$//'`; \ |
| + | for i in $(grep $datestring /usr/local/apache/domlogs/*/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \ | ||
do count=`echo $i | cut -d: -f1`; \ | do count=`echo $i | cut -d: -f1`; \ | ||
ip=`echo $i | cut -d: -f3`; \ | ip=`echo $i | cut -d: -f3`; \ | ||
domain=`echo $i | cut -d: -f2`; \ | domain=`echo $i | cut -d: -f2`; \ | ||
agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \ | agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \ | ||
| − | echo -e "$count $ip $domain $agent"; done </ | + | echo -e "$count $ip $domain $agent"; done |
| + | </source> | ||
| + | |||
| + | ===Single Domain=== | ||
| + | <source lang='bash'> | ||
| + | echo "Date String [31/Mar/2011:13:4]"; read datestring; \ | ||
| + | echo "File Name (with path)"; read logfile;\ | ||
| + | for i in $(grep "$datestring" $logfile | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \ | ||
| + | do count=`echo $i | cut -d: -f1`; \ | ||
| + | ip=`echo $i | cut -d: -f2`; \ | ||
| + | agent=`grep $datestring $logfile | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \ | ||
| + | echo -e "$count $ip $domain $agent"; done | ||
| + | </source> | ||
==What to change== | ==What to change== | ||
| Line 39: | Line 57: | ||
31/Mar/2011:13 will return 13:00 - 13:59 | 31/Mar/2011:13 will return 13:00 - 13:59 | ||
| + | |||
| + | |||
| + | Also the auto date (minus 10m) can be changed to go back a certain amount of time. | ||
| + | |||
| + | By default this still only shows a 10 minute period. | ||
Latest revision as of 14:30, 25 March 2014
Contents
Overview
Enter a partial date string to get top visitors during that period. Will also return site and all user agents that IP has used.
Script
Standard
echo "Date String [31/Mar/2011:13:4]"; read datestring; \
for i in $(grep $datestring /usr/local/apache/domlogs/*/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \
do count=`echo $i | cut -d: -f1`; \
ip=`echo $i | cut -d: -f3`; \
domain=`echo $i | cut -d: -f2`; \
agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \
echo -e "$count $ip $domain $agent"; done
Auto Date
datestring=`date | awk '{print $3 "/" $2 "/" $6 ":" $4}' | sed 's/....$//'`; \
for i in $(grep $datestring /usr/local/apache/domlogs/*/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \
do count=`echo $i | cut -d: -f1`; \
ip=`echo $i | cut -d: -f3`; \
domain=`echo $i | cut -d: -f2`; \
agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \
echo -e "$count $ip $domain $agent"; done
Auto Date (Minus 10m)
datestring=`date -d "10 min ago" | awk '{print $3 "/" $2 "/" $6 ":" $4}' | sed 's/....$//'`; \
for i in $(grep $datestring /usr/local/apache/domlogs/*/* | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \
do count=`echo $i | cut -d: -f1`; \
ip=`echo $i | cut -d: -f3`; \
domain=`echo $i | cut -d: -f2`; \
agent=`grep $datestring $domain | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \
echo -e "$count $ip $domain $agent"; done
Single Domain
echo "Date String [31/Mar/2011:13:4]"; read datestring; \
echo "File Name (with path)"; read logfile;\
for i in $(grep "$datestring" $logfile | awk {'print $1'} | sort | uniq -c | sort -n | sed -e 's/^[ \t]*//' | awk '{print $1 ":" $2}' | tail -10); \
do count=`echo $i | cut -d: -f1`; \
ip=`echo $i | cut -d: -f2`; \
agent=`grep $datestring $logfile | grep $ip | cut -d '"' -f6 | sort | uniq -c | sort -n | awk {'print "\n\t" $0'}` ; \
echo -e "$count $ip $domain $agent"; done
What to change
Datestring
The less information you put in to this the wider the search area.
31/Mar/2011:13:4 will return 13:40 - 13:49
31/Mar/2011:13 will return 13:00 - 13:59
Also the auto date (minus 10m) can be changed to go back a certain amount of time.
By default this still only shows a 10 minute period.
