|
|
|
@ -1,4 +1,6 @@
|
|
|
|
|
|
|
|
|
|
.. include:: kbd.rst
|
|
|
|
|
|
|
|
|
|
.. _Cookbook:
|
|
|
|
|
|
|
|
|
|
Cookbook
|
|
|
|
@ -12,9 +14,16 @@ adaptation.
|
|
|
|
|
Log Analysis
|
|
|
|
|
------------
|
|
|
|
|
|
|
|
|
|
To count the number of times a client IP shows up in the loaded web access
|
|
|
|
|
logs:
|
|
|
|
|
Most log analysis within **lnav** is done through the :ref:`sql-ext`. The
|
|
|
|
|
following examples should give you some ideas to start leveraging this
|
|
|
|
|
functionality. One thing to keep in mind is that if a query gets to be too
|
|
|
|
|
large or multiple statements need to be executed, you can create a
|
|
|
|
|
:code:`.lnav` script that contains the statements and execute it using the
|
|
|
|
|
|ks| | |ke| command prompt.
|
|
|
|
|
|
|
|
|
|
* To count the number of times a client IP shows up in the loaded web access
|
|
|
|
|
logs:
|
|
|
|
|
|
|
|
|
|
.. code-block:: custsqlite
|
|
|
|
|
.. code-block:: custsqlite
|
|
|
|
|
|
|
|
|
|
;SELECT c_ip, count(*) as hits FROM access_log GROUP BY c_ip ORDER BY hits DESC
|
|
|
|
|
;SELECT c_ip, count(*) as hits FROM access_log GROUP BY c_ip ORDER BY hits DESC
|
|
|
|
|