Details of webserver log analysis

Revision as of 09:37, 21 May 2014 by George2 (Talk | contribs)


The script that creates this web page is run from root's cron on backup.gold.ac.uk using the following crontab entry:
0,20,40 * * * * /usr/local/bin/security.sh > /var/tmp/cron_log 2>&1
The contents of the script are shown below:

    # NOTE: the start of the script (which builds /var/tmp/jupiter_tail.log,
    # /var/tmp/jupiter_all and the uranus equivalents) is not shown on this page.
    # The line opening the first here-document is also missing; the "cat <<END"
    # below is assumed from the later one.
    cat <<END > /var/tmp/secure.html
    <HTML>
    <BODY bgcolor="#E6E6FA" >
    <h1 style="text-align:center;margin-left:auto;margin-right:auto;"><span style="color:#ff0000"><span style="background-color:#00ff00"><span style="color:#000000;background-color:#808000"><span style="background-color:#dfdf00">Gold Webservers log file analysis. Updated every 20 minutes</span></span></span></span></h1>
    <TABLE>
    <TR><TH COLSPAN="2" BGCOLOR="#AAAAAA" > The top users of www.gold.ac.uk as taken from the last 2000 entries of the access_log files on both webservers </TH></TR>
    <TR><TD>
    <table border="2" cellpadding="2" BGCOLOR="#BBBBBB" >
    <TR> <TD colspan="3"> Jupiter between `head -1 /var/tmp/jupiter_tail.log | gawk '{ print $4}'|sed -e 's/^\[//' ` and `tail -1 /var/tmp/jupiter_tail.log | gawk '{ print $4}' |sed -e 's/^\[//' ` </TD> </TR>
    <TR> <TH>Recent hits</TH><TH> IP Address</TH><TH> DNS Entry if available</TH> </TR>
    END

    # One table row per line of the Jupiter summary: hits, IP address, DNS name.
    # "$INP" is quoted and read with -r so the line is passed through unchanged.
    while read -r INP
    do
        echo "$INP" | gawk '{ print "<TR><TD>",$1,"</TD><TD>",$2,"</TD><TD>",$3,"</TD></TR>" }' >> /var/tmp/secure.html
    done < /var/tmp/jupiter_all
    echo "</TABLE>" >> /var/tmp/secure.html

    cat <<END >>/var/tmp/secure.html
    </TD><TD>
    <table border="2" cellpadding="2" BGCOLOR="#BBBBBB" >
    <TR> <TD colspan="3"> Uranus between `head -1 /var/tmp/uranus_tail.log | gawk '{ print $4}'|sed -e 's/^\[//' ` and `tail -1 /var/tmp/uranus_tail.log | gawk '{ print $4}' |sed -e 's/^\[//' ` </TD> </TR>
    <TR> <TH>Recent hits</TH><TH> IP Address</TH><TH> DNS Entry if available</TH> </TR>
    END

    # Same again for the Uranus summary.
    while read -r INP
    do
        echo "$INP" | gawk '{ print "<TR><TD>",$1,"</TD><TD>",$2,"</TD><TD>",$3,"</TD></TR>" }' >> /var/tmp/secure.html
    done < /var/tmp/uranus_all
    echo "</TABLE>" >> /var/tmp/secure.html

    echo "</TD></TR>" >> /var/tmp/secure.html
    # Close the outer table (this closing tag was missing).
    echo "</TABLE>" >> /var/tmp/secure.html
    echo "</BODY>" >> /var/tmp/secure.html
    echo "</HTML>" >> /var/tmp/secure.html

    # Publish the finished page and log the run time to the cron log.
    mv /var/tmp/secure.html /var/www/html/webteam
    echo `date`
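
The row loops in the script copy the DNS name, which is set by whoever controls the reverse zone for the client address, into the page without escaping, and root assembles the page at a fixed name in world-writable /var/tmp. The following is an added example, not part of the original script, that escapes every field and writes through a mktemp file beside the destination; the function names, the two parameters and the sample input are assumptions.

```shell
#!/bin/sh
# Assumed input, as in /var/tmp/*_all: "<hits> <ip> [<dns-name>]" per line.

# Emit one table row per valid line, HTML-escaping every field.
render_rows() {
    awk '
    function esc(s) {
        gsub(/&/, "\\&amp;", s); gsub(/</, "\\&lt;", s)
        gsub(/>/, "\\&gt;", s);  gsub(/"/, "\\&quot;", s)
        return s
    }
    $1 !~ /^[0-9]+$/         { next }   # hit count must be numeric
    $2 !~ /^[0-9A-Fa-f:.]+$/ { next }   # IPv4/IPv6 characters only
    {
        dns = (NF >= 3) ? $3 : ""       # reverse DNS may be absent
        printf "<TR><TD>%s</TD><TD>%s</TD><TD>%s</TD></TR>\n", esc($1), esc($2), esc(dns)
    }'
}

# Write the table for input file $1 to destination $2 (hypothetical parameters).
# mktemp creates the file exclusively, mode 0600, beside the destination, so a
# pre-planted name or symlink is never followed and the final mv is a rename.
build_page() {
    tmp=$(mktemp "$2.XXXXXX") || return 1
    {
        echo '<TABLE border="2" cellpadding="2">'
        render_rows < "$1"
        echo '</TABLE>'
    } > "$tmp" && chmod 644 "$tmp" && mv "$tmp" "$2" && return 0
    rm -f "$tmp"
    return 1
}

# Constructed sample: line 2 has no DNS name, line 3 carries markup in its
# DNS name, line 4 has a malformed hit count and is dropped.
sample_input() {
    printf '%s\n' \
        '120 192.0.2.10 crawler.example.org' \
        '45 198.51.100.7' \
        '33 203.0.113.5 <script>x</script>.example.net' \
        'x;y 203.0.113.9 bad.example.net'
}
```

The chmod is needed because mktemp creates the file readable by its owner only, which the web server would otherwise be unable to serve.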