Forum Discussion
Web Log Analysis: Ep.5 â Searching Web Server Logs using Linux CLI
- 7 months ago
Hi CM,
It looks like you're close, but there are a couple of things to simplify and focus on.
First, consider the most straightforward way to search for the IP and the HTTP status code. You don't need to filter by the request method (like GET or HEAD) unless specified, as the question only asks for the status code and IP address.
Secondly, think about whether you need to escape characters like the HTTP/1.1. Sometimes, a simpler search pattern can achieve the same result without extra complexity.
Take a step back and try to focus on filtering for just the IP address and the 200 status code directly in the log.
So, I just used a simple one-liner to count all different status codes. The following will give you a count of each status code across all the log files - obviously, you just need the figure for 200:
grep 193.37.225.202 acc* | awk '{print $9}' | sort | uniq -c
Bonus points for invoking awk ð less is more
- autom8on7 months ago
Bronze III
Yeah - spot the old person. ð I always prefer using it to cut (which seems to be the way most people I know do things when mangling data out of log files).
But, no - less is less (and the right one to use wherever possible) and more is more (but only to be used on boxes that don't have less installed on them)! ðĪŠ
- CM7 months ago
Bronze II
Lets not talk about VERBX LOGDATA or DLIST and a little JCL to mangle logs