Add Apache Bytes
From James Dooley's Wiki
Overview
This one liner is designed to add up the apache send or receive byte size for a specific time period and return the IPs that use the most.
Script
daterange='06/Mar/2015:09'; \
domlog='/usr/local/apache/domlogs/petitesy/petitesymphony.com'; \
for ip in $(grep $daterange $domlog | awk '{print $1}' | sort | uniq |sort); \
do grep $daterange $domlog | grep $ip | awk "{total+=\$10}END{printf \"%15s: %'d\n\", \"$ip\", total}"; \
done | sort -n -k 2 | tail
What to change
daterange; Date range is the partial date you would like to search for. For example 06/Mar/2015:09 will match the 9th hour of March 6th 2015. 06/Mar/2015:09:20 will match 9:20 on March 6th 2015.
domlog; This is the specific domlog file you would like to look at. Technically you can set this to a wild card, but the awk will need to be adjusted to take in to account the file name.
If you have a custom domlog setup with received bytes in its own column you can change the command to add up that column instead:
daterange='06/Mar/2015:09'; \
domlog='/usr/local/apache/domlogs/petitesy/petitesymphony.com'; \
for ip in $(grep $daterange $domlog | awk '{print $1}' | sort | uniq |sort); \
do grep $daterange $domlog | grep $ip | awk "{total+=\$6}END{printf \"%15s: %'d\n\", \"$ip\", total}"; \
done | sort -n -k 2 | tail
Obviously this depends on what column you are wanting to add up.
