Shell Programming and Scripting

2016-07-08T00:00:08-0700 10.10.10.1 63.128.163.28 - 500 1 5507 824 6047 69812 "https://www.plenti.com/" "GET /sign-up?step=char(39)&emid=0c3c23a9ccabed6feaaaf224a473eab8 HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1 WhiteHat Security"
2016-07-08T00:00:08-0700 10.10.10.2 - - 200 0 2 54 281 3085 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:11-0700 10.10.10.1 63.128.163.28 - 500 0 5528 965 6068 59125 "https://www.plenti.com/" "GET /sign-up?step=%63%68%61%72%28%31%31%39%2C%31%30%34%2C%31%31%35%2C%31%30%30%2C%39%38%2C%31%31%36%2C%31%30%31%2C%31%31%35%2C%31%31%36%29&emid=0c3c23a9ccabed6feaaaf224a473eab8 HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1 WhiteHat Security"
2016-07-08T00:00:12-0700 10.10.10.1 63.128.163.28 - 500 0 5533 923 6073 74076 "https://www.plenti.com/" "GET /sign-up?step=CHAR(119)%2bCHAR(104)%2bCHAR(115)%2bCHAR(83)%2bCHAR(81)%2bCHAR(76)%2bCHAR(105)&emid=0c3c23a9ccabed6feaaaf224a473eab8 HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1 WhiteHat Security"
2016-07-08T00:00:13-0700 10.10.10.3 - - 200 0 2 54 281 3228 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:13-0700 10.10.10.2 - - 200 0 2 54 281 3047 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:13-0700 10.10.10.1 107.77.228.176 - 200 0 6551 663 7109 70544 "-" "GET /reset-password-pin HTTP/1.1" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_2 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13F69 Safari/601.1"
2016-07-08T00:00:13-0700 10.10.10.1 65.216.115.73 - 301 0 191 557 527 361 "-" "GET / HTTP/1.1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko GomezAgent 3.0) Chrome/46.0.2490.71 Safari/537.36"
2016-07-08T00:00:15-0700 10.16.22.133 - - 200 0 984 215 1308 579 "-" "GET /server-status?auto HTTP/1.1" "metrics-sampler apache-status v0.7.3"
2016-07-08T00:00:15-0700 10.16.22.133 - - 200 0 351 145 669 8855 "-" "GET /apc_metrics.php HTTP/1.1" "metrics-sampler apache-status v0.7.3"
2016-07-08T00:00:18-0700 10.10.10.3 - - 200 0 2 54 281 3288 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:18-0700 10.10.10.2 - - 200 0 2 54 281 3756 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:20-0700 10.10.10.1 63.128.163.28 - 200 0 6151 852 6709 39024 "https://www.plenti.com/" "GET /sign-up?step=1＇&emid=0c3c23a9ccabed6feaaaf224a473eab8 HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1 WhiteHat Security"
2016-07-08T00:00:20-0700 10.10.10.1 63.128.163.28 - 500 0 5506 825 6046 49906 "https://www.plenti.com/" "GET /sign-up?step=%00＇&emid=0c3c23a9ccabed6feaaaf224a473eab8 HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1 WhiteHat Security"
2016-07-08T00:00:23-0700 10.10.10.3 - - 200 0 2 54 281 3122 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:23-0700 10.10.10.2 - - 200 0 2 54 281 2078 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:26-0700 10.10.10.1 163.246.121.40 - 200 0 56 2047 534 115703 "https://www.plenti.com/earn-points/partner-offers/partner-offer-details?page=details&id=11326" "POST /?:action=CouponsViewed HTTP/1.1" "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko"
2016-07-08T00:00:27-0700 10.10.10.3 - - 200 0 2 54 281 2833 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:28-0700 10.10.10.1 184.248.10.150 - 200 0 7484 615 8042 30280 "-" "GET / HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
2016-07-08T00:00:28-0700 10.10.10.2 - - 200 0 2 54 281 2922 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:29-0700 10.10.10.1 172.58.153.248 - 200 0 10964 3083 11696 451892 "-" "GET /earn-points/partner-offers HTTP/1.1" "Mozilla/5.0 (Linux; Android 5.1.1; Coolpad 3320A Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36"
2016-07-08T00:00:32-0700 10.10.10.3 - - 200 0 2 54 281 3114 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:33-0700 10.10.10.2 - - 200 0 2 54 281 1997 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:33-0700 10.10.10.1 72.23.77.208 - 200 0 5965 546 6523 65317 "-" "GET /forgot-password HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0"
2016-07-08T00:00:33-0700 10.10.10.1 63.128.163.28 - 500 0 5504 847 6044 69668 "https://www.plenti.com/" "GET /sign-up?step=\\\"&emid=0c3c23a9ccabed6feaaaf224a473eab8 HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1 WhiteHat Security"
2016-07-08T00:00:35-0700 10.16.22.133 - - 200 0 984 215 1308 639 "-" "GET /server-status?auto HTTP/1.1" "metrics-sampler apache-status v0.7.3"
2016-07-08T00:00:35-0700 10.16.22.133 - - 200 0 351 145 669 9191 "-" "GET /apc_metrics.php HTTP/1.1" "metrics-sampler apache-status v0.7.3"
2016-07-08T00:00:37-0700 10.10.10.3 - - 200 0 2 54 281 2002 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:37-0700 10.10.10.1 172.58.153.248 - 200 0 5947 3489 6678 252373 "https://www.plenti.com/earn-points/partner-offers" "GET /earn-points/partner-offers/partner-offer-details?page=details&id=11172 HTTP/1.1" "Mozilla/5.0 (Linux; Android 5.1.1; Coolpad 3320A Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36"
2016-07-08T00:00:38-0700 10.10.10.2 - - 200 0 2 54 281 3313 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:43-0700 10.10.10.3 - - 200 0 2 54 281 2252 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:43-0700 10.10.10.2 - - 200 0 2 54 281 3117 "-" "GET /status.html HTTP/1.1" "-"
2016-07-08T00:00:44-0700 10.10.10.1 98.206.13.213 - 200 0 7483 651 8041 39503 "-" "GET / HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
2016-07-08T00:00:44-0700 10.10.10.1 63.128.163.28 - 500 0 5502 852 6042 53145 "https://www.plenti.com/" "GET /sign-up?step=%%32%37&emid=0c3c23a9ccabed6feaaaf224a473eab8 HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1 WhiteHat Security"

awk -F [:\ ] '{print $1, $7}' ipcount.txt | awk '{s[$2]++; count[$1]++} END {for (var in s) print count[var], "access", s[var]," times"}'

At 2016-07-13T15, 500 status code count is 1
At 2016-07-08T00, 500 status code count is 6

At 2016-07-13, hour 15, 500 status code count is 1
At 2016-07-08, hour 00, 500 status code count is 6

awk -F [:\ ] '{print $1, $7}' ipcount.txt | awk '{if($2="500") {s[$2]++; count[$1]+=$NF}} END {for (var in s) print count[var], "access", s[var]," times"}'

awk -F [:\ ] '{print $1, $7}' ipcount.txt | awk '{if($2="500") {s[$2]++; count[$1]++}} END {for (var in count) print "At", var, "access", s[var]," times"}'

awk -F [:\ ] '{sub (/T/, " ");  CNT[$1 OFS $2 OFS $8]++} END {for (c in CNT) print c, CNT[c]}' OFS="\t" file
2016-07-08	00	500	6
2016-07-08	00	301	1
2016-07-08	00	200	27

for server in 01 02 03 04 12 13 14 15; do echo "--------$server--------Starting"; ssh web_pu@hvnplppuiw$server "for file in /apps/web/logs/httpd/portal/portal-www-access-2016-07-0[89].log; do echo "File Name: "$file; awk -F [:\ ] '{sub (/T/, " ");  if($8~500) CNT[$1":"$2]++} END {for (c in CNT) print c, "--", CNT[c]}' $file; echo "================================"; done" 2>&1 | grep -v 'THIS SYSTEM IS RESTRICTED'; echo "--------$server--------Ending"; done

--------01--------Starting

File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
--------01--------Ending
--------02--------Starting

File Name:
================================
File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
--------02--------Ending
--------03--------Starting

File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
--------03--------Ending
--------04--------Starting

File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
--------04--------Ending
--------12--------Starting

File Name:
================================
File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
--------12--------Ending
--------13--------Starting

File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
--------13--------Ending
--------14--------Starting

File Name:
================================
File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
--------14--------Ending
--------15--------Starting

File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
File Name:
awk: {sub (/T/,  );  if(~500) CNT[:]++} END {for (c in CNT) print c, --, CNT[c]}
awk:             ^ syntax error
awk: fatal: 0 is invalid as number of arguments for sub
================================
--------15--------Ending

awk -F [:\ ] '{sub (/T/, " ");  CNT[$1 OFS $2 OFS $8]++} END {for (c in CNT) print c, CNT[c]}' OFS="\t"   Input_file

2016-07-08      00      200     27
2016-07-08      00      301     1
2016-07-08      00      500     6