I have a couple of Apache log files that have been appended together and I need to sort them by date. They're in the following format:
"www.company.com" 192.168.1.1 [01/Jan/2011:00:04:17 +0000] "GET /foobar/servlet/partner/search/results?catID=1158395&country=10190&id=5848716&order_by=N-T&order_by_dir=-&product=10361996&siteID=1169823&state= HTTP/1.1" 200 10459 0 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
What's the best way to go about doing this on the Linux command line?
Using Terminal Commands to Display Local Access Logs
By default, you can find the Apache access log file at the following path: /var/log/apache/access.log. /var/log/apache2/access.
Log Format
In Linux, Apache commonly writes logs to the /var/log/apache2 or /var/log/httpd directories depending on your OS and Virtual Host overrides. You can also define a LogFormat string after the filename, which will only apply the format string to this file.
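#!/bin/sh
# Sort an Apache log by its timestamp (field 4 of the common log format).
if [ "$#" -ne 2 ] || [ ! -f "$1" ]; then
    echo "Usage: $0 <input_log> <output_log>" >&2
    exit 1
fi
echo "Sorting $1"
# Keys: year, month (-M), day, hour, minute, second within "[dd/Mon/yyyy:hh:mm:ss"
sort -t ' ' -k 4.9,4.12n -k 4.5,4.7M -k 4.2,4.3n -k 4.14,4.15n -k 4.17,4.18n -k 4.20,4.21n "$1" > "$2"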
This is almost too trivial to point out, but just in case it confuses anyone: grm's answer should technically be using field #3, not 4, to match the questioner's exact log format. That is, it should read:
sort -t ' ' -k 3.9,3.12n -k 3.5,3.7M ...
His answer is correct in every other respect, and can be used as-is for the common log format.
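An added example, not part of either answer above: since the only difference between the two log layouts is which field holds the timestamp, this sketch generalizes the approach by detecting that field from the first line and building the sort keys from it. The function names (find_ts_field, sort_access_log, make_sample) and the sample lines are constructed for illustration, and it assumes GNU sort and that every line shares the first line's layout and UTC offset.

```shell
#!/bin/sh
# Added example: sort an access log by date, locating the timestamp field
# automatically. Function names and sample lines are constructed for this page.

# Print the 1-based index of the field in the first line that starts with
# "[dd/Mon/yyyy:". Splits on single spaces, exactly as `sort -t ' '` does.
find_ts_field() {
    awk -F'[ ]' 'NR == 1 {
        for (i = 1; i <= NF; i++)
            if ($i ~ /^\[[0-9][0-9]\/[A-Z][a-z][a-z]\/[0-9][0-9][0-9][0-9]:/) { print i; exit }
        exit
    }' "$1"
}

# Sort $1 into $2 by year, month, day, hour, minute, second.
# Assumes every line has the same layout and the same UTC offset as line 1.
sort_access_log() {
    src=$1; dst=$2
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 1; }
    f=$(find_ts_field "$src")
    [ -n "$f" ] || { echo "no timestamp field in first line of $src" >&2; return 1; }
    # LC_ALL=C so -M matches the English month abbreviations Apache writes;
    # -s keeps lines with identical timestamps in their original order.
    LC_ALL=C sort -s -t ' ' \
        -k "$f.9,$f.12n" -k "$f.5,$f.7M" -k "$f.2,$f.3n" \
        -k "$f.14,$f.15n" -k "$f.17,$f.18n" -k "$f.20,$f.21n" \
        "$src" > "$dst"
}

# Constructed sample in the questioner's layout (timestamp is field 3).
make_sample() {
    cat <<'EOF'
"www.example.com" 192.0.2.10 [01/Feb/2011:00:00:01 +0000] "GET /c HTTP/1.1" 200 10
"www.example.com" 192.0.2.11 [31/Dec/2010:23:59:59 +0000] "GET /a HTTP/1.1" 200 10
"www.example.com" 192.0.2.12 [01/Jan/2011:00:04:17 +0000] "GET /b HTTP/1.1" 200 10
EOF
}

# Stand-alone use: ./sortlog.sh access.log sorted.log
if [ "$#" -eq 2 ]; then sort_access_log "$1" "$2"; fi
```

When merging logs from several servers into one timeline, check that they all log with the same offset first, because the sort keys ignore the "+0000" field.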