sophieforceno/nginxfail.sh

## nginxfail.sh
#! /bin/bash

case "$1" in
all)
sudo grep -E "forb|refuse" /var/log/nginx/error.log | awk '{ print $1 " " $2 " " $11 }' | grep -w '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' | tr -d ','
# I also include a pipe to grep to remove all friendly IPs, something like:
# | grep -vE "192.168.1.*|$(curl -s ifconfig.co)|10.8.0.4"
	;;
day)
sudo grep -E "forb|refuse" /var/log/nginx/error.log | awk '{ print $1 " " $2 " " $11 }' | grep -w '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' | tr -d ',' | grep "$(date +%Y/%m/%d)"
	;;
*)
	cat << EOF
	nginxfail.sh
	Usage: nginxfail.sh [OPTIONS] <file>

	all 		Return all forbidden & refused requests
	day		Return forbidden & refused requests for today

EOF
	;;

exit 0
	#! /bin/bash

	case "$1" in
	all)
	sudo grep -E "forb\|refuse" /var/log/nginx/error.log \| awk '{ print $1 " " $2 " " $11 }' \| grep -w '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' \| tr -d ','
	# I also include a pipe to grep to remove all friendly IPs, something like:
	# \| grep -vE "192.168.1.*\|$(curl -s ifconfig.co)\|10.8.0.4"
	;;
	day)
	sudo grep -E "forb\|refuse" /var/log/nginx/error.log \| awk '{ print $1 " " $2 " " $11 }' \| grep -w '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' \| tr -d ',' \| grep "$(date +%Y/%m/%d)"
	;;
	*)
	cat << EOF
	nginxfail.sh
	Usage: nginxfail.sh [OPTIONS] <file>

	all Return all forbidden & refused requests
	day Return forbidden & refused requests for today

	EOF
	;;

	exit 0