本文共 858 字,大约阅读时间需要 2 分钟。
1,查看apache进程: ps aux | grep httpd | grep -v grep | wc -l 2,查看80端口的tcp连接: netstat -tan | grep "ESTABLISHED" | grep ":80" | wc -l 3,通过日志查看当天ip连接数,过滤重复: cat access_log | grep "20/Oct/2008" | awk '{print $2}' | sort | uniq -c | sort-nr 4,当天ip连接数最高的ip都在干些什么(原来是蜘蛛): cat access_log | grep "20/Oct/2008:00" | grep "122.102.7.212" | awk '{print $8}' | sort | uniq -c | sort -nr | head -n 10 5,当天访问页面排前10的url: cat access_log | grep "20/Oct/2008:00" | awk '{print $8}' | sort | uniq -c | sort -nr | head -n 10 6,用tcpdump嗅探80端口的访问看看谁最高 tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr <pre> 接着从日志里查看该ip在干嘛: <pre lang="php"> cat access_log | grep 122.102.7.212| awk '{print $1"\t"$8}' | sort | uniq -c | sort -nr | less 7,查看某一时间段的ip连接数: grep "2006:0[7-8]" www20060723.log | awk '{print $2}' | sort | uniq -c| s转载地址:http://pkqvn.baihongyu.com/