Bash-sorting-apache
Jump to navigation
Jump to search
Example of how to sort a logfile for top hits (apache in this case)
Why is this useful? Think making a case statement and stuff that is a script kiddie attack gets auto-blocked via fail2ban.
awk '$9 == "404" {print $7}' access.log |sort|uniq -c|sort -rn| head -n 30 Bonus: do this for nginx logs now :P SRC: https://twitter.com/climagic/status/1448297516571762691 Something like this could be used to further update fail2ban-flies Returned: 7 /.env 6 /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application 5 /GponForm/diag_Form?style/ 3 /owa/auth/x.js 3 /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f 3 /owa/auth/logon.aspx 3 /actuator/health 2 /wp-includes/js/jquery/jquery.js 2 /vendor/phpunit/phpunit/build.xml 2 /plugins/system/debug/debug.xml 2 /OA_HTML/AppsLocalLogin.jsp 2 /nice%20ports%2C/Tri%6Eity.txt%2ebak 2 /misc/ajax.js 2 /login 2 /js/header-rollup-554.js 2 /images/editor/separator.gif 2 /.git/config 2 /fckeditor/editor/filemanager/connectors/php/upload.php?Type=Media 2 /admin/view/javascript/common.js 2 /administrator/language/en-GB/install.xml 2 /administrator/help/en-GB/toc.json 2 /administrator/ 2 /admin/includes/general.js 2 /aab9 2 /aaa9 1 /xmrlpc.php?daksldlkdsadas=1 1 /wp-login.php 1 /wp-includes/css/buttons.css 1 /.well-known/security.txt 1 /ucmdb-api/connect