awk命令进行nginx日志文件响应时间的分析,分析指写格式的nginx日志文件,打印响应时间并且去除引号,查找响应时间大于1秒的url地址等。 awk命令分析nginx响应时间,线上环境nginx日志格式带上了引号,在用awk分析日志时注意下细节。
一、nginx日志格式
log_format main ‘$remote_addr – $remote_user [$time_iso8601] “$request” ‘
‘$status $body_bytes_sent “$http_referer” ‘ ‘”$http_user_agent” “$http_x_forwarded_for” ‘ ‘ “$upstream_addr” “$upstream_status” “$request_time” ‘;
二、nginx访问日志(/var/log/nginx)
12.124.127.44 – – [29/Jul/2014:20:54:20 +0800] “GET / HTTP/1.1″ 200 211 “-” “Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)” “-” “127.0.0.1:8081″ “200” “0.001”
115.29.113.101 – – [29/Jul/2014:20:54:22 +0800] “GET / HTTP/1.1″ 200 211 “-” “Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)” “-” “127.0.0.1:8081″ “200” “0.005” 112.124.127.53 – – [29/Jul/2014:20:56:49 +0800] “GET / HTTP/1.1″ 200 211 “-” “Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)” “-” “127.0.0.1:8081″ “200” “0.002” 112.124.127.44 – – [29/Jul/2014:20:59:20 +0800] “GET / HTTP/1.1″ 200 211 “-” “Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)” “-” “127.0.0.1:8081″ “200” “0.002” 115.29.113.101 – – [29/Jul/2014:20:59:22 +0800] “GET / HTTP/1.1″ 200 211 “-” “Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)” “-” “127.0.0.1:8081″ “200” “0.002”
三、nginx日志分析
cat website.access.log| awk ‘{print $(NF)}’ | awk -F “\”” ‘{print $2′}>a.txt
2、合并文件,将时间重新补上去
paste -d ” ” website.access.log a.txt > b.txt
3、查找响应时间大于1秒的url
cat b.txt |awk ‘($NF>1){print $6$7 ” ” $NF}’>c.txt
4、hsell脚本
cat $1 | awk ‘{print $(NF)}’ | awk -F “\”” ‘{print $2′} >a.txt
paste -d ” ” $1 a.txt > b.txt cat b.txt |awk ‘($NF>1){print $1$4$6$7 ” ” $NF}’ >$2
使用:
./loganalysis.sh 日志绝对路径 新建日志文件名
(责任编辑:IT) |