: This article mainly introduces php regular expression parsing apache log file. For more information about PHP tutorials, see. Logs can be rolled hourly and analyzed using php regular expressions.
$ LogLine = '2017. 0.0.1--[22/May/2015: 17: 09: 13 + 0800] "GET/sale/images/y-select.png HTTP/1.1" 200 1095 '; $ pattern = '/^ (? P
[0-9.] + )--\[(? P
[^ \] +) \] + "GET (? P
[^] +) HTTP \/1. [1 | 0 | 2] "(? P
[0-9.] + )(? P
[0-9.] +)/I '; preg_match ($ pattern, $ log, $ match); // var_dump ($ match); $ ip = $ match ['IP']; $ time = strtotime ($ match ['Time']); $ url = $ match ['URL']; $ status = $ match ['status']; $ size = $ match ['size']; printf ("IP: % s access time: % s URL: % s status: % s file size: % s ", $ ip, $ time, $ url, $ status, $ size );
This is the case.
Use regular expressions to separate Apache log files
Www. MyException. Cn shared on: 17 views
Use regular expressions to separate Apache log files
Examples of Apache log files in common log formats:
127.0.0.1-frank [10/Oct/2000: 13: 55: 36-0700] "GET/apache_pb.gif HTTP/1.0" 200 2326
Examples of Apache log files in combined log format:
127.0.0.1-frank [10/Oct/2000: 13: 55: 36-0700] "GET/apache_pb.gif HTTP/1.0" 200 2326 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I; Nav )"
The IP address of the client.
The RFC1413 identity determined by the client identd process. The output symbol "-" indicates that the information here is invalid.
The customer ID (userid) for accessing the web page obtained by The HTTP authentication system. If no password protection is set for the web page, this option is "-".
The time when the server completes request processing.
The client's actions, requested resources, and used protocols.
The status code returned by the server to the client.
The number of bytes that are returned to the client, excluding the response header. If no information is returned, this option should be "-".
"Referer" request header.
"User-Agent" request header.
Regular expressions used to extract information:
^: Matches the beginning of each row.
([0-9.] +) \ s: matches the IP address.
([\ W.-] +) \ s: matches the identity, which is composed of numbers, letters, underscores (_), and Dot delimiters.
([\ W.-] +) \ s: matches userid, which consists of numbers, letters, underscores (_), and dot separators.
(\ [[^ \ [\] + \]) \ S: matching time.
"((? : [^ "] | \") +) "\ S: matches the request information. escape double quotation marks may appear in double quotation marks \".
(\ D {3}) \ s: matching status code.
(\ D + |-) \ s: number of matching response bytes or -.
"((? : [^ "] | \") +) "\ S: matches the" Referer "request header. escape double quotation marks may appear in double quotation marks \".
"((? : [^ "] | \") +) ": Matches the" User-Agent "request header. escape double quotation marks may appear in double quotation marks \".
$: Matches the end of a row.
The final expression is as follows:
^ ([0-9.] +) \ s ([\ w. -] +) \ s ([\ w. -] +) \ s (\ [^ \ [\] + \]) \ s "((? : [^ "] | \") +) "\ S (\ d {3}) \ s (\ d + |-) \ s "((? : [^ "] | \") +) "\ S "((? : [^ "] | \") +) "$
The above introduces the php regular expression parsing apache log file, including the content, hope to be helpful to friends who are interested in PHP tutorials.