Saturday, May 24, 2008

Parsing apache logs to identify IP with max requests

To find out the IP Addresses which generated the maximum number of requests, following Linux command can be used:

gawk {'print $1'} access_log | sort -n | uniq -d -c | sort -n

Note: This assumes that you're logging the IP Address in the first column
Posted by at
Labels:

1 comment:

Unknown said...

Nice blog,

Just a different look of the same:

$ awk '{c[$1]++}END{for(j in c) print j,c[j]}' ips | sort -rk2

//Jadu, http://unstableme.blogspot.com

9:24 AM

Post a Comment

Subscribe to: Post Comments (Atom)