Have you ever wanted to know if a specific ip address is hitting your web server too much?

 

It’s simple assuming your logs are in /var/log/httpd (redhat) do the following

 

cat access_log | awk ‘{print $1}’ | sort | uniq -c

 

It will output a list like this:

4 127.0.0.1
97 192.168.10.30
100 192.168.10.48
288 192.168.10.49
1 192.168.10.51
19 192.168.10.52
199 192.168.10.53

 

© 2012, Joseph Griffiths. All rights reserved.

Leave a Reply