Simple command to “watch” the webserver access log

April 2nd, 2010 | by Sajal Kayan |

I am often curious as to what bots are going on my site at any given moment. So much so that I devote one terminal tab to running this script.

save the following as say bot.sh and make it executable :-

  1. #!/bin/bash
  2. watch "grep $1 /path/to/access.log | tail -15"

note: the number after tail can be adjusted depending on your terminal size…

Run it on the server as :-

  1. [user@server ~]# ./bot.sh Googlebot

OR

  1. [user@server ~]# ./bot.sh msnbot

OR

  1. [user@server ~]# ./bot.sh <suspicious ip address>

and so on….

UPDATE: Better alternative by willwill. Save as bot.sh:-

  1. #!/bin/bash
  2. watch "tail -f /path/to/access.log | grep $1"
  • http://whsgroup.ath.cx/ willwill

    Why not

    tail -f /var/log/apache2/access.log | grep $1

    as tail -f will write out new line immedialy, while watch will run specified command periodically.

  • http://www.sajalkayan.com Sajal Kayan

    @willwill interesting. tail -f works much better and im sure will have lesser load since its only frepping new lines…

    earlier i tried tail -f after grep and didnt workout so well… but yr command works perfectly.

  • http://www.rethai.com todd

    have you used ntop?

  • http://www.onlineincomefloods.net Mark C

    Sajal, are you still running this script or have you found a new one that gives a little more data?

blog comments powered by Disqus