标签:int 源文件 echo author data name check logs head
vim attack_count_ip.sh#!/bin/bash
#####################
#################################
#Filename: attack_count_ip.sh
#Author: richard_lyx
#Date: 2019-08-27
#Discription: count source attack ip and Be attacked IP
######################################
L=$(cat /data/check_ddos/logs/info_attack.log | wc -l) #统计源文件
num=1
for ((num = 0;num <= $L; num++ ))
do
num1=$(gawk NR==$num /data/check_ddos/logs/info_attack.log|gawk -F ‘[[:blank:]][[:blank:]]+‘ ‘{print $1}‘) #获取源文件第一列名称
num2=$(gawk NR==$num /data/check_ddos/logs/info_attack.log|gawk -F ‘[[:blank:]][[:blank:]]+‘ ‘{print $2}‘) #获取源文件第二列源ip
num3=$(gawk NR==$num /data/check_ddos/logs/info_attack.log|gawk -F ‘[[:blank:]][[:blank:]]+‘ ‘{print $3}‘) #获取源文件第三列被ip
for n2 in $num2
do
for n3 in $num3
do
echo $num1,$n2,$n3
done
done
done > /data/check_ddos/logs/attack_count.log
echo -e "\t <-源IP->" ; awk ‘BEGIN{FS=","}{print $2}‘ /data/check_ddos/logs/attack_count.log | sort | uniq -c |sort -rn | head -n 10
echo -e "\t <-被IP->" ; awk ‘BEGIN{FS=","}{print $3}‘ /data/check_ddos/logs/attack_count.log | sort | uniq -c |sort -rn | head -n 10
标签:int 源文件 echo author data name check logs head
原文地址:https://blog.51cto.com/14274052/2433063
