Home > Article > Backend Development > PHP 分析一个日志文件?
192.168.1.105 - - [25/Nov/2015:17:53:06 +0800] "GET /favicon.ico HTTP/1.1" 404 31 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.1.105 - - [25/Nov/2015:17:53:06 +0800] "GET /admin/d1/cl HTTP/1.1" 200 60 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.1.106 - - [25/Nov/2015:17:53:29 +0800] "GET /admin/d1/post_pd HTTP/1.1" 200 61 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.1.106 - - [25/Nov/2015:17:55:53 +0800] "GET /admin/d1/post_id?pid=1&rid=1&imgname=1.jpg HTTP/1.1" 200 61 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.1.105 - - [25/Nov/2015:17:57:39 +0800] "GET /admin/d1/post_irimg HTTP/1.1" 200 61 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.1.105 - - [25/Nov/2015:18:03:15 +0800] "/admin/d1/get_id?pid=13333333333HTTP/1.1" 404 1333 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0"
192.168.1.105 - - [26/Nov/2015:09:53:10 +0800] "GET /admin/V1/post_id HTTP/1.1" 200 61 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
请问 这样一个日志文件 怎么用PHP代码解析 怎么实现输出有多少个ip访问(总访问量,有多少个不同的IP访问(数量) 怎么实现一分钟内有多少访问量? 求大神代码示例啊,实在不知从何下手写.....
假定你的这些数据存放于 log.txt 中
那么
$a = file('log.txt');foreach($a as $r) { $t = preg_split('/[- ["]+/', $r); $d[] = array( 'ip' => $t[0], 'date' => strtotime(preg_replace('/[\/:]/', ' ', $t[1], 3)), 'target' => $t[4], 'mode' => $t[6], );}var_export($d);将得到这样的数组
array ( 0 => array ( 'ip' => '192.168.1.105', 'date' => 1448445186, 'target' => '/favicon.ico', 'mode' => '404', ), 1 => array ( 'ip' => '192.168.1.105', 'date' => 1448445186, 'target' => '/admin/d1/cl', 'mode' => '200', ), 2 => array ( 'ip' => '192.168.1.106', 'date' => 1448445209, 'target' => '/admin/d1/post_pd', 'mode' => '200', ), 3 => array ( 'ip' => '192.168.1.106', 'date' => 1448445353, 'target' => '/admin/d1/post_id?pid=1&rid=1&imgname=1.jpg', 'mode' => '200', ), 4 => array ( 'ip' => '192.168.1.105', 'date' => 1448445459, 'target' => '/admin/d1/post_irimg', 'mode' => '200', ), 5 => array ( 'ip' => '192.168.1.105', 'date' => 1448445795, 'target' => '404', 'mode' => 'Mozilla/5.0', ), 6 => array ( 'ip' => '192.168.1.105', 'date' => 1448502790, 'target' => '/admin/V1/post_id', 'mode' => '200', ),)应该知道该怎么做了吧?
假定你的这些数据存放于 log.txt 中
那么
$a = file('log.txt');foreach($a as $r) { $t = preg_split('/[- ["]+/', $r); $d[] = array( 'ip' => $t[0], 'date' => strtotime(preg_replace('/[\/:]/', ' ', $t[1], 3)), 'target' => $t[4], 'mode' => $t[6], );}var_export($d);将得到这样的数组
array ( 0 => array ( 'ip' => '192.168.1.105', 'date' => 1448445186, 'target' => '/favicon.ico', 'mode' => '404', ), 1 => array ( 'ip' => '192.168.1.105', 'date' => 1448445186, 'target' => '/admin/d1/cl', 'mode' => '200', ), 2 => array ( 'ip' => '192.168.1.106', 'date' => 1448445209, 'target' => '/admin/d1/post_pd', 'mode' => '200', ), 3 => array ( 'ip' => '192.168.1.106', 'date' => 1448445353, 'target' => '/admin/d1/post_id?pid=1&rid=1&imgname=1.jpg', 'mode' => '200', ), 4 => array ( 'ip' => '192.168.1.105', 'date' => 1448445459, 'target' => '/admin/d1/post_irimg', 'mode' => '200', ), 5 => array ( 'ip' => '192.168.1.105', 'date' => 1448445795, 'target' => '404', 'mode' => 'Mozilla/5.0', ), 6 => array ( 'ip' => '192.168.1.105', 'date' => 1448502790, 'target' => '/admin/V1/post_id', 'mode' => '200', ),)应该知道该怎么做了吧?
可以使用工具实现,例如:LogAnalyzer
参考: http://www.cnblogs.com/cocowool/archive/2010/09/07/1820626.html
假定你的这些数据存放于 log.txt 中
那么
$a = file('log.txt');foreach($a as $r) { $t = preg_split('/[- ["]+/', $r); $d[] = array( 'ip' => $t[0], 'date' => strtotime(preg_replace('/[\/:]/', ' ', $t[1], 3)), 'target' => $t[4], 'mode' => $t[6], );}var_export($d);将得到这样的数组
array ( 0 => array ( 'ip' => '192.168.1.105', 'date' => 1448445186, 'target' => '/favicon.ico', 'mode' => '404', ), 1 => array ( 'ip' => '192.168.1.105', 'date' => 1448445186, 'target' => '/admin/d1/cl', 'mode' => '200', ), 2 => array ( 'ip' => '192.168.1.106', 'date' => 1448445209, 'target' => '/admin/d1/post_pd', 'mode' => '200', ), 3 => array ( 'ip' => '192.168.1.106', 'date' => 1448445353, 'target' => '/admin/d1/post_id?pid=1&rid=1&imgname=1.jpg', 'mode' => '200', ), 4 => array ( 'ip' => '192.168.1.105', 'date' => 1448445459, 'target' => '/admin/d1/post_irimg', 'mode' => '200', ), 5 => array ( 'ip' => '192.168.1.105', 'date' => 1448445795, 'target' => '404', 'mode' => 'Mozilla/5.0', ), 6 => array ( 'ip' => '192.168.1.105', 'date' => 1448502790, 'target' => '/admin/V1/post_id', 'mode' => '200', ),)应该知道该怎么做了吧?
$data = array ( 0 => array ( 'ip' => '192.168.1.105', 'date' => 1448445186, 'target' => '/favicon.ico', 'mode' => '404', ), 1 => array ( 'ip' => '192.168.1.105', 'date' => 1448445186, 'target' => '/admin/d1/cl', 'mode' => '200', ), 2 => array ( 'ip' => '192.168.1.106', 'date' => 1448445209, 'target' => '/admin/d1/post_pd', 'mode' => '200', ), 3 => array ( 'ip' => '192.168.1.106', 'date' => 1448445353, 'target' => '/admin/d1/post_id?pid=1&rid=1&imgname=1.jpg', 'mode' => '200', ), 4 => array ( 'ip' => '192.168.1.105', 'date' => 1448445459, 'target' => '/admin/d1/post_irimg', 'mode' => '200', ), 5 => array ( 'ip' => '192.168.1.105', 'date' => 1448445795, 'target' => '404', 'mode' => 'Mozilla/5.0', ), 6 => array ( 'ip' => '192.168.1.105', 'date' => 1448502790, 'target' => '/admin/V1/post_id', 'mode' => '200', ),);foreach($data as $v) @$r[date('Y-m-d H:i', $v['date'])]++;print_r($r);
Array( [2015-11-25 17:53] => 3 [2015-11-25 17:55] => 1 [2015-11-25 17:57] => 1 [2015-11-25 18:03] => 1 [2015-11-26 09:53] => 1)