#!/bin/bash
echo "Quick analysis incident $1"
echo "\nTCP connections from specific IPs"
cat $1/*tcp-connections.txt | grep -v 127.0.0.1 | awk '{print $5}' | cut -d ':' -f1 | sort | uniq -c | sort -n | tail -n 20
echo "\nCPU-intensive processes:"
sort -nk4 $1/*process-list.txt | tail -n3
echo "\nMySQL queries:"
cat $1/*mysql-process-list.txt | grep Query | grep -v processlist
echo "\nFPM status:"
sort -nk3 $1/*fpm-status.txt | tail -n5
Place in ~ and run like this;
sh quickAnalysis.sh incidents/2020-12-18T17\:02\:11+00\:00