Simple Perl script to parse Apache access log (CLF).
appar.pl - Apache access log parser Version 0.1 by Matteo Cantoni Homepage: https://www.nothink.org Usage: appar.pl [options] --log--log the Apache access.log fil --limit to limit the top results --without without CSS / images / javascript / all --without_word the word to be excluded from parsing (case insensitive) --version show version number and exit --help show this help message and exit Examples: ./appar.pl --limit 30 --log access.log ./appar.pl --without css --log access.log ./appar.pl --without javascript --log access.log ./appar.pl --without images --limit 30 --log access.log ./appar.pl --without all --without_word manager --log access.log
appar.pl - Apache access log parser Version 0.1 by Matteo Cantoni Homepage: https://www.nothink.org [+] Processed 194 requests in 0.04 seconds [+] Limit results : 10 [+] Keywords : alert, bin, cmd, etc, passwd, phpmyadmin, select, sql, xss [*] Total requests : 194 [*] Malformed requests : 0 [*] Bandwidth : 628k [*] Client IP address ----------------------------------------------------------------------------------------------- 34 188.*.114.198 IT, Italy 33 79.*.157.210 IT, Italy 20 83.*.231.250 GB, United Kingdom 16 65.*.241.79 US, United States 8 91.*.92.5 UA, Ukraine 7 119.*.193.131 JP, Japan 6 119.*.193.132 JP, Japan 6 119.*.193.195 JP, Japan 5 66.*.74.233 US, United States 5 119.*.193.196 JP, Japan [*] Date ----------------------------------------------------------------------------------------------- 64 31/Dec/2012 57 02/Jan/2013 37 01/Jan/2013 36 30/Dec/2012 [*] Hours ----------------------------------------------------------------------------------------------- 35 18 34 02 34 19 15 15 12 17 9 13 7 03 6 09 5 11 5 05 [*] URI Path Requests ----------------------------------------------------------------------------------------------- 74 / 14 /robots.txt 8 /scripts/setup.php/scripts/setup.php 5 /about.php 3 /js/bootstrap-popover.js 3 /js/bootstrap-scrollspy.js 3 /js/bootstrap-transition.js 3 /css/bootstrap.css 3 /js/bootstrap-typeahead.js [*] URI Requests ----------------------------------------------------------------------------------------------- 56 GET / HTTP/1.1 16 HEAD / HTTP/1.1 14 GET /robots.txt HTTP/1.1 5 GET /about.php HTTP/1.1 3 GET /js/jquery-1.7.2.min.js HTTP/1.1 3 GET /js/bootstrap-tab.js HTTP/1.1 3 GET /css/bootstrap.css HTTP/1.1 3 GET /js/bootstrap-collapse.js HTTP/1.1 3 GET /js/bootstrap-modal.js HTTP/1.1 [*] Methods (http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol) ----------------------------------------------------------------------------------------------- 176 GET 18 HEAD [*] Status code (http://en.wikipedia.org/wiki/List_of_HTTP_status_codes) ----------------------------------------------------------------------------------------------- 181 200 11 404 2 401 [*] Size of the object returned (total bytes 628k) ----------------------------------------------------------------------------------------------- 43 5717 18 176 6 2317 6 359 6 1158 4 2342 3 447 3 2394 3 321 2 1284 [*] Referer (http://en.wikipedia.org/wiki/HTTP_referer) ----------------------------------------------------------------------------------------------- 112 - 63 http://www.********.org/admin/ 18 http://www.********.org/ 1 http://www.********.org/2010/03/03/ [*] Referer Host (http://en.wikipedia.org/wiki/HTTP_referer) ----------------------------------------------------------------------------------------------- 81 www.********.org 1 www.********.eu [*] User-Agent (http://en.wikipedia.org/wiki/User_agent) ----------------------------------------------------------------------------------------------- 67 Mozilla/5.0 (Linux; U; Android 2.3.5; it-it; GT-I9001 Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 43 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) 20 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.45 Safari/537.17 16 InternetSeer.com 8 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 8 Plesk 5 Mozilla/5.0 (compatible; AhrefsBot/4.0; +http://ahrefs.com/robot/) 4 Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) 4 Mozilla/5.0 (compatible; Ezooms/1.0; ezooms.bot@gmail.com) 3 SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1.101 (GUI) MMP/2.0 (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html) [*] Keywords (just a very SIMPLE parsing, non-exhaustive!) ----------------------------------------------------------------------------------------------- 3 alert 2 sql 2 phpmyadmin
Version | Link |
---|---|
0.1 (2012/10/01) | appar.pl |