需要每五分钟实时统计域名状态码分布情况,因为日志中的时间记录形式不是时间戳,并且是utc时间。所以需要在脚本中转化:
#!/bin/bash
#-*- coding:utf-8 -*-
duration="$1"
DATA_STAMP=$(date +%s)
DATA_STAMP_APP=$(expr ${DATA_STAMP} - 28800)
DATA=$(date +%F_%T)
DATA_STAMP_5BRFO=$(expr ${DATA_STAMP} - ${duration})
DATA_STAMP_5BRFO_APP=$(expr ${DATA_STAMP_5BRFO} - 28800)
DATA_5BRFO=$(date -d @${DATA_STAMP_5BRFO} +%F_%T)
#echo "${DATA_STAMP} ${DATA} ${DATA_STAMP_5BRFO} ${DATA_5BRFO}"
function get_log(){
for file in $(ls 日志文件路径 | grep Downstream | tail -2);do
awk 'BEGIN{FS="|"}{print mktime(substr($2,1,4)" "substr($2,5,2)" "substr($2,7,2)" "substr($2,10,2)" "substr($2,12,2)" "substr($2,14,2)),$0}' /home/huawei/mdn2000/es/logs/access/${file} >> /tmp/status_code.log #原日志时间格式转换为时间戳,重新输出到一个文件中。
done
}
function get_tengxun_code(){
echo -e "从${DATA_5BRFO}到${DATA}状态码的分布为:" >> /tmp/tengxun_statuscode
cat /tmp/status_code.log | awk -v "s_time=${DATA_STAMP_5BRFO_APP}" -v "e_time=${DATA_STAMP_APP}" '$0~/cinemalive-3rdrrs-tx.hicloud.com/{if($1 >= s_time && $1 <= e_time) print}' | awk 'BEGIN{FS="|"}{sum[$27]++}END{for(i in sum) print sum[i],i}' | sort -nr| column -t >> /tmp/tengxun_statuscode
echo -e "\n" >> /tmp/tengxun_statuscode
}
function get_dl_code(){
#帝联
echo -e "从${DATA_5BRFO}到${DATA}状态码的分布为:" >> /tmp/dl_statuscode
cat /tmp/status_code.log | awk -v "s_time=${DATA_STAMP_5BRFO_APP}" -v "e_time=${DATA_STAMP_APP}" '$0~/域名/{if($1 >= s_time && $1 <= e_time) print}' | awk 'BEGIN{FS="|"}{sum[$27]++}END{for(i in sum) print sum[i],i}' | sort -nr| column -t >> /tmp/dl_statuscode
echo -e "\n" >> /tmp/dl_statuscode
}
function main(){
get_log
get_tengxun_code
get_dl_code
>/tmp/status_code.log
}
main
网友评论