【shell脚本练习】网卡信息和简单日志分析

题目

1、写一个脚本getinterface.sh。脚本能够接受參数(i,I,a)，完毕下面任务：
   (1)使用下面形式：getinterface.sh [-i interface|-I IP|-a]
   (2)当用户使用-i选项时，显示其指定网卡的IP地址；
   (3)当用户使用-I选项时，显示其后面的IP地址所属的网络接口。（如 192.168.199.183：eth0）
   (4)当用户单独使用-a选项时。显示全部网络接口及其IP地址（lo除外）

2、写一个脚本analyzelog.sh。完毕日志分析：（使用函数）（日志文件在课件中）
说明：此脚本能够接受选项(i,d,t,a),使用格式：analyzelog.sh <-i IP|-d DATE|-t TYPE|-a> 日志文件名称 ：
先推断是訪问日志文件还是错误日志文件


訪问日志文件例如以下：
   (1)当用户使用选项-i时。统计出訪问日志文件里指定IP地址的訪问次数（通常每一行为一次）；
   (2)当用户使用选项-d时，统计出訪问日志文件里指定日期（某一天。如：04/May/2015）内每一个IP地址訪问的次数。如：
    192.168.0.1：33
    192.168.0.195：17
    ...
   (3)当用户使用选项-t时，统计出訪问日志文件里以后缀后指定类型的文件（如.png表示png格式的图片）被訪问的次数。
   (4)当用户使用选项-a时，统计出訪问日志文件里每一个IP地址訪问的次数；




错误日志文件日下：
   (1)当用户使用选项-i时，统计出错误日志文件里指定IP地址的訪问次数（通常每一行为一次）；
   (2)当用户使用选项-d时，统计出错误日志文件里指定日期（某一天，如：2015/05/04）内每一个IP地址訪问的次数。如：
    192.168.0.1：33
    192.168.0.195：17
    ...
   (3)当用户使用选项-t时，统计出错误日志文件里GET获取失败的次数（就是一行错误信息中包括GET）；
   (4)当用户使用选项-a时，统计出错误日志文件里每一个IP地址訪问的次数；

文件例子

access.log

192.168.199.178 - - [04/May/2015:11:09:11 -0400] "GET / HTTP/1.1" 200 3698 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "-"
192.168.199.178 - - [04/May/2015:11:09:12 -0400] "GET / HTTP/1.1" 200 3698 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "-"
192.168.199.178 - - [04/May/2015:11:09:12 -0400] "GET / HTTP/1.1" 200 3698 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "-"
192.168.199.178 - - [04/May/2015:11:09:13 -0400] "GET / HTTP/1.1" 200 3698 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "-"
192.168.199.244 - - [04/May/2015:11:09:26 -0400] "GET /favicon.ico HTTP/1.1" 404 3652 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36" "-"
192.168.199.244 - - [04/May/2015:11:09:30 -0400] "GET /bb HTTP/1.1" 404 3652 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" "-"
192.168.199.244 - - [04/May/2015:11:09:30 -0400] "GET /favicon.ico HTTP/1.1" 404 3652 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" "-"
192.168.199.244 - - [04/May/2015:11:09:34 -0400] "GET /cc HTTP/1.1" 404 3652 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" "-"
192.168.199.244 - - [04/May/2015:11:09:34 -0400] "GET /favicon.ico HTTP/1.1" 404 3652 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" "-"
192.168.199.244 - - [04/May/2015:11:09:44 -0400] "-" 400 0 "-" "-" "-"

error.log

015/05/04 11:06:12 [error] 2145#0: *7 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.199.244, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:07:12 [error] 2145#0: *10 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.199.180, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:07:12 [error] 2145#0: *10 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.199.180, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:07:20 [error] 2145#0: *14 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.199.155, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:07:20 [error] 2145#0: *15 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.199.155, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:09:26 [error] 2145#0: *47 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.199.244, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:09:30 [error] 2145#0: *49 open() "/usr/share/nginx/html/bb" failed (2: No such file or directory), client: 192.168.199.244, server: _, request: "GET /bb HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:09:30 [error] 2145#0: *49 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.199.244, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:09:34 [error] 2145#0: *50 open() "/usr/share/nginx/html/cc" failed (2: No such file or directory), client: 192.168.199.244, server: _, request: "GET /cc HTTP/1.1", host: "192.168.199.183"
2015/05/04 11:09:34 [error] 2145#0: *50 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.199.244, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.199.183"

作答

第一题

#!/bin/bash
#test success in centos6  
#orangleliu

helptext="unknow options You can use: getinterface.sh [-i interface|-I IP|-a]"

while getopts "i:I:a" arg
do
    case $arg in
        i) #get arg value
            echo "$OPTARG IP:"`ifconfig $OPTARG|grep -E "inet "|cut -d: -f2|cut -d" " -f1`
            ;;
        I)
            echo "$OPTARG Interfacei:" `ifconfig |grep -B 1 $OPTARG|head -1|cut -d" " -f1`
            ;;
        a)
            echo -e "All interface except lo is: 
"
            ifconfig -a | grep -A 1 '^[^[:space:]]{1,}'  | grep  -v  -E  '(<lo>|127.0.0.1)'
            ;;
        *)  #unknow arg
            echo $helptext
            exit 1
            ;;
        esac
done

第二题

注意的几个地方
* 正则推断ip合法性
* 推断时间格式合法
* 函数的格式

#!/bin/bash
#file:analyzelog.sh  author:orangleliu

helptext="options is missing Please use: analyzelog.sh <-i IP|-d DATE|-t TYPE|-a> filename"

#get last parmater value, that is filename
filename=${BASH_ARGV[0]}

#file charge
if [ ! "$filename" == "" ];then
    echo "analyze file is $filename"
elif [ ! -e $filename ];then
    echo "file not existed"
    exit 1
fi

#funciton
access_i(){
    if echo "$1" | egrep -E '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' &> /dev/null; then
        num=$(cat access.log|awk '{print $1}'|grep "$1"|wc -l)
        echo "IP $1 access count is $num"
    else
        echo "$1 is invalid ip"
        exit 1
    fi
}

access_d(){
    res=$(cat access.log|grep "$1"|cut -d" " -f1|sort |uniq -c |awk '{print $2,$1}')
    echo "accessIP  count"
    echo -e -n  "$res"
}

access_t(){
    num=$(cat access.log|awk '{print $7}'|grep -E ".$1"|wc -l)
    echo ".$1 access count is $num"
}

access_a(){
    res=$(cat access.log|cut -d" " -f1|sort|uniq -c |awk '{print $2,$1}')
    echo "every ip access count:"
    echo "$res"
}

error_i(){
    if echo "$1" | egrep -E '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' &> /dev/null; then
        num=$(cat error.log|awk -F"[,:]" '{print $7}'|grep $1|wc -l)
        echo "IP $1 error count is $num"
    else
        echo "$1 is invalid ip"
        exit 1
    fi
}

error_d(){
    if date -d "$1" > /dev/null 2>&1 ; then
        res=$(cat error.log|awk -F"[,:]" '{print $1,$7}'|grep "$1"|sort|uniq -c|awk '{print $4,$1}')
        echo "errorIP  count"
        echo -e -n "$res"
    else
        echo "$1 is invalid date formate"
        exit 1
    fi
}

error_t(){
    num=$(cat error.log|awk -F"["]" '{split($4,g," ");print g[1]}'|grep "GET"|wc -l)
    echo "GET error requests count is $num"
}

error_a(){
    res=$(cat error.log|awk -F"[,:]" '{print $7}'|sort|uniq -c|awk '{print $2,$1}')
    echo "every ip error count:"
    echo  "$res"
}

#main
if [ "$filename" == "access.log" ];then
    case "$1" in
    -i)
        access_i $2
        ;;
    -d)
        access_d $2
        ;;
    -t)
        access_t $2
        ;;
    -a)
        access_a
        ;;
    *)
        echo $helptext
        ;;
    esac

elif [ "$filename" == "error.log" ];then
    case "$1" in
    -i)
        error_i $2
        ;;
    -d)
        error_d $2
        ;;
    -t)
        error_t
        ;;
    -a)
        error_a
        ;;
    *)
        echo $helptext
        ;;
    esac

else
    echo "file not existed"
fi