任务计划
crontab -l
1 15 * * * /home/dongnan/sh/split.sh >> /home/dongnan/sh/cron.log 2>&nginx 日志
ls /var/log/nginx/
20130730-access.log.gz 20130801-access.log.gz 20130803-access.log.gz
20130730-error.log.gz 20130801-error.log.gz 20130803-error.log.gz
20130731-access.log.gz 20130802-access.log.gz access.log
20130731-error.log.gz 20130802-error.log.gz error.logshell 脚本
cat split.sh代码如下:
#!/bin/bash
#script_name:nginx_log.sh
#description:nginx-log deleted/rotate/compress
#last_update:20130725 by zongming
#Nginx
#Signal Action
#TERM, INT Terminate the server immediately
#QUIT Stop the server
#HUP Configuration changes, start new workers, graceful stop of old workers
#USR1 Reopen log files
#USR2 Upgrade the server executable
#WINCH Graceful Stop (parent process advise the children to exit)
#variables
log_dir=/var/log/nginx/
log_date=$(date +”%Y%m%d”)
nginx_pid=/var/run/nginx.pid
keep_days=30
#old_log
find “$log_dir” -name “*.log.gz” -type f -mtime +”${keep_days}” -exec rm -rf {} ;
#rename_log
for log_name in `ls “$log_dir” | awk /.log$/`;do
if [ -e “${log_dir}${log_date}-${log_name}” ];then
echo “${log_dir}${log_date}-${log_name} Already exists” && continue
else
/bin/mv “${log_dir}${log_name}” “${log_dir}${log_date}-${log_name}”
/bin/gzip “${log_dir}${log_date}-${log_name}”
fi
done
#new_log
/bin/kill -USR1 $(cat $nginx_pid) && /bin/sleep 1
nginx日志切割脚本:
vi /root/cutlog.sh
代码如下:
#!/bin/bash
I=`ps aux | grep nginx | grep root | grep -v grep nginx | awk {print $14}` #查找nginx进程
if [ $I == /usr/local/nginx/sbin/nginx ];then
ACCLOG=`cat /usr/local/nginx/conf/nginx.conf | grep access_log | awk {print $2}` #如果nginx进程在,就找到配置文件,读取accesslog路径
ERRLOG=`cat /usr/local/nginx/conf/nginx.conf| grep ^error | awk {print $2}| cut -d”;” -f1` #错误日志的路径
ls $ACCLOG #查看是否有此文件
if [ $? -eq 0 ];then #如果有
mv $ACCLOG $ACCLOG.`date -d “-1 day” +%F` #重命名当前日志
mv $ERRLOG $ERRLOG.`date -d “-1 day” +%F`
touch $ACCLOG #创建空日志
touch $ERRLOG
chown nginx:root $ACCLOG #修改属主
chown nginx:root $ERRLOG
[ -f /usr/local/nginx/logs/nginx.pid ] && kill -USR1 `cat /usr/local/nginx/logs/nginx.pid` #判断进程,并重新加载(这里的kill -USR1会使nginx将新产生的日志写到刚创建的新日志里面。)
/mnt/logs/checklog.sh $ACCLOG.`date “-1 day” +%F` #这个是日志分析脚本
gzip $ACCLOG.`date -d “-1 day” +%F` #压缩日志
gzip $ERRLOG.`date -d “-1 day” +%F`mv $ACCLOG.`date -d “-10 day” +%F`.* /mnt/history.nginx.log/ #将10天前的老日志清理到其他地方,(你们如果想删除的可以自己改成删除)
mv $ERRLOG.`date -d “-10 day” +%F`.* /mnt/history.nginx.log/
fi
fi
nginx日志分析脚本:
vi /mnt/logs/checklog.sh
代码如下:
#!/bin/bash
echo -e “####################`date +%F`” >> /mnt/logs/400.txt
echo -e “####################`date +%F`” >> /mnt/logs/URL.txt
echo -e “####################`date +%F`” >> /mnt/logs/IP.txt
cat $1 | wc -l >> /mnt/logs/IP.txt #分析IP
cat $1 | awk -F” {print $3} | awk {print $1} | sort | uniq -c| sort -rn > /mnt/logs/CODE.txt #分析返回值
cat $1 | awk {print $1} | sort | uniq -c| sort -rn | head -n20 >> /mnt/logs/IP.txt
N=`cat /mnt/logs/CODE.txt | wc -l`
for I in $(seq 1 $N)
do
M=`head -n$I /mnt/logs/CODE.txt | tail -n1 | awk {print $2}`
if [ $M -ge 400 ]
thenecho “#####FIND $M###############”>>/mnt/logs/400.txt #分析错误请求
cat $1 | grep “” $M ” | grep -v “-” “-” – | sort | awk {print $1 $2 $3 $6 $7 $8 $9 $10 $11 $12 $13 $14 $15 $16 $17 $18 $19 $20 $21} | sort | uniq -c | sort -rn | head -n5 >> /mnt/logs/400.txt
fi
done
cat $1 | grep -v “-” “-” – | awk -FT {print $2} | awk -F? {print $1} | sort |awk {print $1} | sed s/(/review/file/download/).*/1/g | sort | uniq -c | sort -rn | head -n20 >> /mnt/logs/URL.txt
暂无评论内容