【Mod_security⑩】ユーザエージェントごとの検出回数をカウントしファイル出力

find /usr/local/mod_security_summary/`date +%Y%m%d`/ -type f | xargs grep REQUEST_HEADERS:Host | grep ModSecurity: | cut -d "]" -f 10 | tr -d "\"[data " > /usr/local/mod_security_summary/statistic/user_agent/`date +%Y%m%d`/No10-1
find /usr/local/mod_security_summary/`date +%Y%m%d`/ -type f | xargs grep User-Agent: | cut -d ":" -f 3 | tr -d " "  > /usr/local/mod_security_summary/statistic/user_agent/`date +%Y%m%d`/No10-2

paste -d , /usr/local/mod_security_summary/statistic/user_agent/`date +%Y%m%d`/No10-1 /usr/local/mod_security_summary/statistic/user_agent/`date +%Y%m%d`/No10-2 > /usr/local/mod_security_summary/statistic/user_agent/`date +%Y%m%d`/No10
cat /usr/local/mod_security_summary/statistic/user_agent/`date +%Y%m%d`/No10 | while read line;do severity=$line; echo -n "$severity"",";grep $severity /usr/local/mod_security_summary/statistic/user_agent/`date +%Y%m%d`/No10 | wc -l ; done | sort | uniq | sed "s/^/`date +%Y%m%d`,/g" | sed  '1s/^/date,host,user_agent,count\n/'

コメント

タイトルとURLをコピーしました