Linux Nginx log Script _linux Shell

Task Schedule
Crontab-l
1 * * * */home/dongnan/sh/split.sh >>/home/dongnan/sh/cron.log 2>&

Nginx Log
ls/var/log/nginx/
20130730-access.log.gz 20130801-access.log.gz 20130803-access.log.gz
20130730-error.log.gz 20130801-error.log.gz 20130803-error.log.gz
20130731-access.log.gz 20130802-access.log.gz Access.log
20130731-error.log.gz 20130802-error.log.gz Error.log

Shell Script
Cat split.sh

Copy Code code as follows:

#!/bin/bash
#script_name: nginx_log.sh
#description: Nginx-log deleted/rotate/compress
#last_update: 20130725 by zongming

#Nginx
#Signal Action
#TERM, INT Terminate the server immediately
#QUIT Stop the server
#HUP Configuration changes, start new workers, graceful stop of old workers
#USR1 Reopen log files
#USR2 Upgrade the server executable
#WINCH Graceful Stop (parent process advise the children to exit)


#variables
log_dir=/var/log/nginx/
log_date=$ (date + "%y%m%d")
Nginx_pid=/var/run/nginx.pid
Keep_days=30

#old_log
Find "$log _dir"-name "*\.log.gz"-type f-mtime + "${keep_days}"-exec rm-rf {} \;

#rename_log
For log_name in ' ls ' $log _dir | awk '/.log$/';d o
If [-E "${log_dir}${log_date}-${log_name}"];then
echo "${log_dir}${log_date}-${log_name} already exists" && continue
Else
/BIN/MV "${log_dir}${log_name}" "${log_dir}${log_date}-${log_name}"
/bin/gzip "${log_dir}${log_date}-${log_name}"
Fi
Done

#new_log
/BIN/KILL-USR1 $ (Cat $nginx _pid) &&/bin/sleep 1

Nginx Log Cutting script:

vi/root/cutlog.sh

Copy Code code as follows:

#!/bin/bash
I= ' ps aux | grep Nginx | grep root | Grep-v ' grep nginx ' | awk ' {print $14} ' #查找nginx进程
if [$I = =/usr/local/nginx/sbin/nginx];then
Acclog= ' cat/usr/local/nginx/conf/nginx.conf | grep ' Access_log ' | awk ' {print $} ' #如果nginx进程在, locate the configuration file, read the Accesslog path
Errlog= ' cat/usr/local/nginx/conf/nginx.conf| grep ^error | awk ' {print $} ' | Cut-d ";"-f1 ' #错误日志的路径
LS $ACCLOG #查看是否有此文件
If [$?-eq 0];then #如果有
MV $ACCLOG $ACCLOG. ' Date-d '-1 day ' +%f ' #重命名当前日志
MV $ERRLOG $ERRLOG. ' Date-d '-1 day "+%f"
Touch $ACCLOG #创建空日志
Touch $ERRLOG
Chown Nginx:root $ACCLOG #修改属主
Chown Nginx:root $ERRLOG
[-f/usr/local/nginx/logs/nginx.pid] && kill-usr1 ' Cat/usr/local/nginx/logs/nginx.pid ' #判断进程 and Reloaded (here the Kill -USR1 will enable Nginx to write the newly generated log into the new log that you just created. ）
/mnt/logs/checklog.sh $ACCLOG. ' Date '-1 day ' +%f ' #这个是日志分析脚本
Gzip $ACCLOG. ' Date-d '-1 day ' +%f ' #压缩日志
Gzip $ERRLOG. ' Date-d '-1 day ' +%f '

MV $ACCLOG. ' date-d ' -10 Day "+%f '. */mnt/history.nginx.log/#将10天前的老日志清理到其他地方, (if you want to delete the can be changed to delete)
MV $ERRLOG. ' date-d ' -10 day ' +%f '. */mnt/history.nginx.log/
Fi
Fi

Nginx Log Analysis Script:

vi/mnt/logs/checklog.sh

Copy Code code as follows:

#!/bin/bash
Echo-e "#################### ' date +%f '" >>/mnt/logs/400.txt
Echo-e "#################### ' date +%f '" >>/mnt/logs/url.txt
Echo-e "#################### ' date +%f '" >>/mnt/logs/ip.txt
Cat $ | Wc-l >>/mnt/logs/ip.txt #分析IP
Cat $ | Awk-f ' "' {print $} ' | awk ' {print $} ' | Sort | uniq-c| Sort-rn >/mnt/logs/code.txt #分析返回值
Cat $ |  awk ' {print $} ' | Sort | uniq-c| Sort-rn | Head-n20 >>/mnt/logs/ip.txt
N= ' Cat/mnt/logs/code.txt | Wc-l '
For I in $ (seq 1 $N)
Todo
M= ' Head-n$i/mnt/logs/code.txt | tail-n1 | awk ' {print $} '
If [$M-ge 400]
Then

echo "# # #FIND $M ###############" >>/mnt/logs/400.txt #分析错误请求
Cat $ | grep "\" $M | Grep-v ' "-" "-"-' | Sort | awk ' {print $ $ $ $ $ $ $ $11 $ $14 $ $16 $17 $18 $19 $ $21} ' | Sort | uniq-c | Sort-rn | Head-n5 >>/mnt/logs/400.txt
Fi
Done
Cat $ | Grep-v ' "-" "-"-' | Awk-f ' T ' {print $} ' | Awk-f '? ' ' {print $} ' | Sort |awk ' {print $} ' | Sed ' s/\ (\/review\/file\/download\/\). */\1/g ' | Sort | uniq-c | Sort-rn | Head-n20 >>/mnt/logs/url.txt