access_log 分析

<?php
<<<EOF
log_format combinedio  '$remote_addr - $remote_user [$time_local] '
                       '"$request" $status $body_bytes_sent '
                       '"$http_referer" "$http_user_agent" $request_length $request_time $upstream_response_time ssl:$https';

EOF;



$fh = fopen('php://stdin','r');  
$regx = '/^(.*?) .*? .*? \[(.*?) (.*?)\] "(.*?) (.*?) (.*?)" (.*?) (.*?) "(.*?)" "(.*?)" (.*?) (.*?) (.*?) (.*?)$/';

while ($str = fgets($fh)) {
    if (preg_match($regx, $str, $m)) {
        $pos = strpos($m[5], '?');
        $url = $m[5];
        if ($pos !== false) {
            $url = substr($m[5], 0, $pos);
        }
        unset($m[0]);
        echo $m[2].' '.$url.' '.$m[8].' '.$m[11].' '.$m[12].' '.$m[13]."\n";
    } else {
        echo "fail\n";
    }
}

用正则处理access_log日志得到结构化的字段，就能很方便做相关的统计和监控了