Have you ever wanted to know if a specific ip address is hitting your web server too much?
It’s simple assuming your logs are in /var/log/httpd (redhat) do the following
cat access_log | awk ‘{print $1}’ | sort | uniq -c
It will output a list like this:
4 127.0.0.1
97 192.168.10.30
100 192.168.10.48
288 192.168.10.49
1 192.168.10.51
19 192.168.10.52
199 192.168.10.53