#!/bin/bash
spiderfile=$(cat /data/operations/op_script/spider.txt)
bj=`hostname|cut -d - -f1`
server=(www phone api)
table=(shop\\/detail shop captcha)
number=(300 400 60)
log_path=/var/log/nginx
nginx_home=/etc/nginx
#=========================================================
function analysis () {
tail -2000 "$log_path"/access"$bj"."$1".lepu.cn.log|egrep -iv "$spiderfile"|awk '$7~/'$2'/{b[$1]++}END{for (i in b)print i,b[i]}' >/tmp/b.txt
a=`awk '{print $2}' /tmp/b.txt|grep [5-9][0-9]|wc -l`
b=($(awk '{print $2}' /tmp/b.txt|grep [5-9][0-9]))
for ((i=0;i<"$a";i++))
do
if [ "${b[i]}" -gt "$3" ]
then
awk '{if ('$b'>'$3')print "deny ",$1";"}' /tmp/b.txt >> $nginx_home/settings.d/deny.conf
else
continue
fi
done
}
function summary () {
for ((c=0;c<3;c++))
do
for ((d=0;d<3;d++))
do
if [ "$d" -ne 2 ]
then
analysis ${server[$c]} ${table[$c]} ${number[$c]}
else
analysis ${server[$c]} ${table[$2]} ${number[$2]}
fi
done
done
}
summary
#========================================================================================================
cat $nginx_home/settings.d/deny.conf|sort|uniq > $nginx_home/settings.d/deny.conf
awk -F '[ ]+' '{c[$2]++}END{for (Ip in c)print "deny",Ip}' $nginx_home/settings.d/deny.conf|grep ';' >/tmp/deny.conf && \
cat /tmp/deny.conf >$nginx_home/settings.d/deny.conf
#============================================remove the deny ip on sunday============================================
WeekDay=$(date +%H)
if [ ${WeekDay} -eq 08 ]
then
/bin/cp $nginx_home/settings.d/deny.conf /data/op_analysis_result/`date +%F`_deny.conf
echo "" >$nginx_home/settings.d/deny.conf
fi
#============================================nginx test============================================
/usr/sbin/nginx -t
T=$(echo $?)
if [ $T -eq 0 ]
then
/usr/sbin/nginx -s reload
else
echo "nginx test fail!!!" && exit 1
fi
日志分析脚本出现过多加入黑名单,