Overview
Versatile log analyzer for common log formats (Apache, Nginx, syslog). Extracts statistics, identifies issues, and generates summary reports.
The Script
#!/bin/bash
# Log Analyzer Script
# Parse and analyze various log formats
set -euo pipefail
LOG_TYPE="auto"
TOP_N=10
LOGFILE="$1"
if [ ! -f "$LOGFILE" ]; then
echo "Error: File not found: $LOGFILE"
exit 1
fi
echo "========================================"
echo " LOG ANALYSIS REPORT"
echo " File: $LOGFILE"
echo " Type: $LOG_TYPE"
echo " Date: $(date)"
echo "========================================"
# Basic stats
TOTAL_LINES=$(wc -l < "$LOGFILE")
FILE_SIZE=$(du -h "$LOGFILE" | cut -f1)
echo "Total lines: $TOTAL_LINES"
echo "File size: $FILE_SIZE"
# Top IPs
echo "TOP $TOP_N IP ADDRESSES"
awk '{print $1}' "$LOGFILE" | sort | uniq -c | sort -rn | head -$TOP_N
echo "========================================"
echo " ANALYSIS COMPLETE"
echo "========================================"Usage Examples
# Analyze Nginx access log
./log-analyzer.sh /var/log/nginx/access.log
# Focus on errors in Apache log
./log-analyzer.sh -e -t apache /var/log/apache2/error.log
# Auth log analysis with IP focus
./log-analyzer.sh -i /var/log/auth.logQuick One-Liners
# Top IPs in access log
awk '{print $1}' access.log | sort | uniq -c | sort -rn | head
# HTTP status code distribution
awk '{print $9}' access.log | sort | uniq -c | sort -rn
# Failed SSH attempts
grep "Failed password" /var/log/auth.log | grep -oE '[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+' | sort | uniq -c | sort -rn - log
- analysis
- parsing
- awk
- grep
- errors
- ip addresses
- apache
- nginx