这是要注意的
可能因为 线上 nginx日志输出格式的不一样,一下命令未能展示正确的结果
流量速率分析的第三个命令
慢查询分析的第一二个命令
参考文档,nginx日志输出格式为
$remote_addr - $remote_user [$time_local] "$retuqest" $status $body_bytes_sent $request_time $upstream_response_time $upstream_addr "$http_referer" "$http_user_agent" "$http_x_forwarded_for"; |
线上,nginx日志格式
$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"; |
请求访问分析:
1. 请求总数
less access.log-20170716 | wc -l |
2. 平均每秒的请求数
less access.log-20170716 | awk '{sec=substr($4,2,20);reqs++;reqsBySec[sec]++;} END{print reqs/length(reqsBySec)}' |
3. 峰值每秒的请求数
less access.log-20170716 | awk '{sec=substr($4,2,20);requests[sec]++;} END{for(s in requests){printf("%s %s
",requests[s],s)}}' | sort -nr | head -n 3 |
流量速率分析:
1. 带宽资源占用情况
less access.log-20170716 | awk '{url=$7;requests[url]++;bytes[url]+=$10} END{for (url in requests){printf("%sMB %sKB/req %s %s
",bytes[url] / 1024 / 1024,bytes[url] /requests[url] / 1024,requests[url],url)}}' | sort -nr | head -n 15 |
2. URL占用cpu的时间
less access.log-20170716 | awk '{url=$7; times[url]++} END{for(url in times){printf("%s %s
",times[url],url)}}' | sort -nr | more |
3. 精准 URL占用cpu的时间(优化后)
原命令:less access.log-20170716 | awk '{print $7}' | sed -re 's/(.*)?.*/1/g' -e 's/(.*)..*/1/g' -e 's:/[0-9]+:/*:g' | awk '{requests[$1]++;time[$1]+=$2} END{for (url in requests){printf("%smin %ss/req %s %s
",time[url] / 60 , time[url] / requests[url],requests[url],url)}}' | sort -nr | head -n 50现命令:less access.log-20170716 | awk '{print $7}' | sed -re 's/(.*)?.*/1/g' -e 's/(.*)..*/1/g' -e 's:/[0-9]+:/*:g' | awk '{requests[$1]++;time[$1]+=$1} END{for (url in requests){printf("%smin %ss/req %s %s
",time[url] / 60 , time[url] / requests[url],requests[url],url)}}' | sort -nr | head -n 50 |
慢查询分析:
下面命令,执行期间,键盘操作可能会卡住,是不是因为awk占用cpu的问题》?
1. 慢查询所占比例:
less access.log-20170716 | awk -v limit=2 '{min=substr($4,2,17);reqs[min]++;if($9>limit){slowReqs[min]++}} END{for(m in slowReqs) {printf("%s %s%s %s %s
", m , slowReqs[m] / reqs[m] * 100,"%",slowReqs[m],reqs[m])}}' | more |
2. 慢查询所占比例,根据 应用服务器返回 时间 与 nginx服务器的处理时间进行分析
less access.log-20170716 | awk '{upServer=$10;upTime=$9;if(upServer == "-"){upServer="Nginx"};if(upTime == "-"){upTime=0};upTimes[upServer]+=upTime;count[upServer]++;totalCount++;} END{for (server in upTimes ){printf("%s %s%s %ss %s
",count[server],count[server]/totalCount * 100, "%",upTimes[server]/count[server],server)}}' | sort -nr | less |
3. 快速查看一下每秒的 流量
less access.log-20170716 | awk '{second=substr($4,2,20);bytes[second]+=$10;} END{for(s in bytes){printf("%sKB %s
",bytes[s]/1024,s)}}' | less |
4. 查看有没有被爬虫爬过
原命令: less access.log-20170716 | egrep "spider|bot" | awk '{name=$17;if(index($15,"spider")>0) {name=$15};spiders[name]++} END{for(name in spiders){printf("%s %s
",spiders[name],name)}}' | sort -nr | less 现命令: less access.log-20170716 | egrep "spider|bot" | awk '{name=$14;if(index($12,"spider")>0) {name=$15};spiders[name]++} END{for(name in spiders){printf("%s %s
",spiders[name],name)}}' | sort -nr | less |