Apache logs: simple log analyzer in Perl – II

I added top 30 and bandwidth / minute;


#!/usr/bin/perl

# get handler to the logfile
open(LOG_FILE, "tail -f /var/log/httpd/access_log.users|");

# start the main loop
%users = ();
$cp=0;
$ct=time();
while() {
chomp;

$cp = time() + 5*60 if $cp==0;
if (-f "/tmp/killtraffic") {
%users=();
`rm -f /tmp/killtraffic`;
}

my $t1 = time(); # timestamp for checkpointing

my ($dom, $ip, $date, $req, $code, $ref, $client, $in, $out)
= /(.*?) (.*?) .*?[(.*?)] "(.*?)" (.*?) .*?"(.*?)" "(.*?)" (.*?) (.*)/;

my ($method, $uri, $proto) = ($req =~ /(.*?) (.*?) (.*)/);

my $get = 0;
if ($uri =~ /(.*?)?(.*)$/) {
$uri = $1;
$get = $2;
}

my $url = $dom;

if (!$users{$url}) {
$users{$url} = $in + $out;
} else {
$users{$url} = $users{$url} + $in + $out;
}

$cpc = time();
if ( $cpc > $cp ) {
$cp=0;
my $s="";
$m = (time()-$ct) / 60;
$count = 0;
foreach(keys %users) {
$s.=($users{$_}/1024)." kb - ".($users{$_}/1024/$m)." kb/min - ".$_."n";
$count++;
last if $count>30;
}
`echo "Count started $m minutes agon" > /tmp/traffic.log`;
`echo "$s"|sort -n -r >> /tmp/traffic.log`;
}
}


# never get here:
close LOG_FILE;

Be the first to leave a comment. Don’t be shy.

Join the Discussion

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>