[with reverse DNS check and colors]
Nothing special here really. Just a few lines of code to make the logs review a little bit easier.
Displayed columns in order from left to right:
- Date and time of access
- HTTP CODE of response [200 in green, 404 in blue, rest in red]
- IP address
- Reverse DNS hostname [last 30 chars] [empty if NXDOMAIN]
- Request [first 30 chars]
The output:
Script:
#!/bin/bash while read line do # IP ip=$(echo $line | cut -d " " -f 1) # HOST host=$(host $ip | cut -d " " -f 5 | tail -1) if [[ ${#ip} -lt 15 ]]; then for (( i=$(echo "15-${#ip}"|bc); i>0; i-- )) do ip="$ip " done fi # IF I DO NOT GET DOMAIN NAME if [[ $(echo "$host" | grep "NXDOMAIN" | wc -l ) -ne 0 ]]; then host=" - " fi # EVEN UP THE HOSTNAME TO SEE LAST 30 CHARS if [[ ${#host} -lt 30 ]]; then for (( i=$(echo "30-${#host}"|bc); i>0; i-- )) do host="$host " done else host=${host:$(echo "${#host}-30"|bc)} fi dhost="\033[01;30m$host\033[00m" # DISPLAY GOOGLEBOT CUSTOM DNS if [[ $(echo $host | grep google |wc -l) -eq 1 ]]; then dhost="\033[01;30mGOOGLEBOT\033[00m " fi # DATE date=$(echo $line | cut -d "[" -f 2 | cut -d "]" -f 1 | cut -d "+" -f 1) day=$(echo $date | cut -d ":" -f 1 | tr -d " ") dtime=$(echo $date | cut -d ":" -f 2- | tr -d " ") # REQUEST req=$(echo $line | cut -d "]" -f 2 | cut -d "\"" -f 2 | cut -d " " -f -2) # CUT REQUEST TO 30 CHARS dreq=${req:0:30} # CUSTOM REQUEST INFO IN CASE OF ADMIN PANEL if [[ $(echo $req | grep "admin.php" | wc -l) -eq 1 ]]; then dreq="\033[01;31mFAV\033[00m" fi # HTTP CODE code=$(echo $line | cut -d "\"" -f 3 | cut -d " " -f 2) hcode="\033[01;31m$code\033[00m"; if [[ "$code" -eq "200" ]]; then hcode="\033[01;32m$code\033[00m"; fi if [[ "$code" -eq "404" ]]; then hcode="\033[01;34m$code\033[00m"; fi # DISPLAY # I DONT WANT TO DISPLAY FAVICON REQUESTS if [[ $(echo $req | grep "favicon.ico" | wc -l) -eq 1 ]]; then echo -n "" else echo -e "$day $dtime $hcode $ip $dhost $dreq" fi done < /var/log/apache2/access.log
Advertisements