Update fzf location
[dotfiles] / .bash_nginx
1 #!/bin/sh
2
3
4 my_extract_nginx_ua1(){
5 sudo sed -n 's!.* "GET.* "\([[:alnum:].]\+/*[[:digit:].]*\)[^"]*"$!\1!p' /var/log/nginx/access.log | sort | uniq -c | sort \
6 -rfg
7 }
8
9 my_extract_nginx_ua2(){
10 sudo awk -F'"' '/GET/ {print $6}' /var/log/nginx/access.log | cut -d' ' -f1 | sort | uniq -c | sort -rn
11 }
12
13 # extract links returning 404 or 502
14 my_extract_nginx_bl(){
15 #awk '($9 ~ /404|502/)' /var/log/nginx/access.log | awk '{print $7}' | sort | uniq -c | sort -rn
16 sudo awk '($9 ~ /404|502/)' /var/log/nginx/access.log | awk '{print $7}' | sort | uniq -c | sort -rn | awk '{print $2}'
17 }
18
19 # extract ip of malicious user accessing a broken link
20 my_extract_nginx_mu(){
21 local url=$1
22 sudo awk -F'"' '($2 ~ $$url){print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -rn
23 }
24
25 # extract all ips of malicious users accessing broken links
26 my_extract_nginx_all_mu(){
27 for i in $(my_extract_nginx_bl); do
28 my_extract_nginx_mu $i;
29 done
30 }