kennedyj/parse-apache-access.sh

## parse-apache-access.sh
#!/bin/bash

function display_help {
  cat <<EOF
Usage: $0 [OPTIONS...] COMMAND FILENAME

  -d, --date                 date time from the log
                               22/Apr/2013
                               22/Apr/2013:14:
  -p, --path                 escaped relative url path
  -m, --method               HTTP method [GET,POST,DELETE...]

  COMMANDS

      links                  show the unique ip and relative url
      not-matched            show the lines that did not match
      raw                    the matched lines
      timeouts               show the count per ip of timeouts for a given date
      uniq-ip                show only the unique ip addresses
EOF
}

# parse command line options
while :
do
  case "$1" in
    -d | --date)
      date="$2"
      shift 2
      ;;
    -p | --path)
      path="$2"
      shift 2
      ;;
    -m | --method)
      method="$2"
      shift 2
      ;;
    -h | --help)
      display_help
      exit 0
      ;;
    --) # End of all options
      shift
      break
      ;;
    -*)
      error_exit "Error: Unknown option: $1" >&2
      exit 1
      ;;
    *)  # No more options
      break
      ;;
  esac
done

if [ -z "$method" ]; then
  method='.*'
fi

action="$1"
filename="$2"

if [ -z "$action" ]; then
  echo "no command specified" >&2
  display_help
  exit 1
fi
if [ -z "$filename" ]; then
  echo "no file specified" >&2
  display_help
  exit 1
fi

case "$action" in
  links)
    grep "\[$date.* \"$method .*$path.*HTTP\/" $filename | awk '{print $1,$7;}' | sort | uniq
    ;;
  not-matched)
    grep -v "\[$date.* \"$method .*$path.*HTTP\/" $filename
    ;;
  raw)
    grep "\[$date.* \"$method .*$path.*HTTP\/" $filename
    ;;
  timeouts)
    grep "\[$date.*] \"-\" 408" $filename | awk '{count[$1]++}END{for(j in count) print j,count[j]}' | sort
    ;;
  uniq-ip)
    grep "\[$date.* \"$method .*$path.*HTTP\/" $filename | cut -d ' ' -f 1 | sort | uniq
    ;;
  help)
    display_help
    exit 0
    ;;
  *)  # No more options
    echo "unknown command '$action'" >&2
    exit 1
    ;;
esac
	#!/bin/bash

	function display_help {
	cat <<EOF
	Usage: $0 [OPTIONS...] COMMAND FILENAME

	-d, --date date time from the log
	22/Apr/2013
	22/Apr/2013:14:
	-p, --path escaped relative url path
	-m, --method HTTP method [GET,POST,DELETE...]

	COMMANDS

	links show the unique ip and relative url
	not-matched show the lines that did not match
	raw the matched lines
	timeouts show the count per ip of timeouts for a given date
	uniq-ip show only the unique ip addresses
	EOF
	}

	# parse command line options
	while :
	do
	case "$1" in
	-d \| --date)
	date="$2"
	shift 2
	;;
	-p \| --path)
	path="$2"
	shift 2
	;;
	-m \| --method)
	method="$2"
	shift 2
	;;
	-h \| --help)
	display_help
	exit 0
	;;
	--) # End of all options
	shift
	break
	;;
	-*)
	error_exit "Error: Unknown option: $1" >&2
	exit 1
	;;
	*) # No more options
	break
	;;
	esac
	done

	if [ -z "$method" ]; then
	method='.*'
	fi

	action="$1"
	filename="$2"

	if [ -z "$action" ]; then
	echo "no command specified" >&2
	display_help
	exit 1
	fi
	if [ -z "$filename" ]; then
	echo "no file specified" >&2
	display_help
	exit 1
	fi

	case "$action" in
	links)
	grep "\[$date.* \"$method .$path.HTTP\/" $filename \| awk '{print $1,$7;}' \| sort \| uniq
	;;
	not-matched)
	grep -v "\[$date.* \"$method .$path.HTTP\/" $filename
	;;
	raw)
	grep "\[$date.* \"$method .$path.HTTP\/" $filename
	;;
	timeouts)
	grep "\[$date.*] \"-\" 408" $filename \| awk '{count[$1]++}END{for(j in count) print j,count[j]}' \| sort
	;;
	uniq-ip)
	grep "\[$date.* \"$method .$path.HTTP\/" $filename \| cut -d ' ' -f 1 \| sort \| uniq
	;;
	help)
	display_help
	exit 0
	;;
	*) # No more options
	echo "unknown command '$action'" >&2
	exit 1
	;;
	esac