apachegrep

Langue: en

Version: 110382 (mandriva - 01/05/08)

Section: 1 (Commandes utilisateur)

NAME

apachegrep - like grep, but for apache logs

SYNOPSIS

apachegrep [--version] [-a] [FIELDS [field options] PATTERN] [-c | -o fields] [FILE...]

DESCRIPTION

Apachegrep specializes in searching Apache's "combined" log format. It allows the user to specify which fields within an apache log to limit a search and which fields to be output as a result.

It searches the named input FILEs (or standard input of no files are named) for lines (or FIELDS if output limiters are defined) containing a match to the given PATTERN, limiting the search to a given FIELD.

Multiple statements are ORed together. You can use the -a flag or string together multiple apachegrep instances to AND together statements instead. Putting a -v into a field option negates just that option, it is not a global option that affects all field options. (i.e. apachegrep -a -r foo -sv 200 test.log means return all lines whose request matches foo AND whose status is not 200).

Apachegrep makes use of perl regular expressions (and allows the use of perl compatible regexes in search patterns).

GLOBAL OPTIONS

-a
join the surrounding conditions with AND instead of OR.

FIELDS

-h
host
-u
user
-t
timestamp
-r
request
-s
status code
-b
bytes transferred
-R
referrer
-U
user agent
-x
extra user field

FIELD OPTIONS

-v
Invert the sense of matching, to select non-matching lines.
-i
Ignore case distinctions in both the PATTERN and the input files.

OUTPUT OPTIONS

-c
suppress normal output; instead print a count of matching lines for each input file. Incompatible with '-o'.
-o
specify which fields to output and in what order; uses same letters as input format for each field. Incompatible with '-c'.

EXAMPLES

Count the number of lines containing 'index.html' appear, case
insensitively:

apachegrep -c -ri 'index.html'

Return the host field from every request except those
containing gif or jpg:

apachegrep -rv 'gif|jpg' -o -h

Return a list of user-defined fields for every request that starts
with POST and returned 200:

apachegrep -s '200' -a -r '^POST' -o -x file.tgz

Return a list of requests for every line that contains 'Windows CE' in the useragent OR contains 'mobile' in the request:

apachegrep -U 'Windows CE' -r 'mobile' file.tgz

REGULAR EXPRESSIONS

Apachegrep presumes a working knowledge of PCREs. For a good tutorial on Regular Expressions, go to http://tk.

AUTHOR

Scott Klein and Felix Sheng

Email bug reports, feature requests, and code submissions to apachegrep (at) deasil.com