BASH
Extracting Specific Errors or Patterns from Web Server Logs
Efficiently analyze web server logs (e.g., Apache, Nginx) using bash to filter and extract critical error messages or custom patterns, aiding in quick debugging and issue identification.
#!/bin/bash
# Configuration
LOG_FILE="/var/log/nginx/error.log" # Or /var/log/apache2/error.log, etc.
SEARCH_PATTERN="failed|error|critical|denied" # Regex patterns separated by |
OUTPUT_FILE="/tmp/filtered_errors_$(date +%Y%m%d_%H%M%S).log"
# --- DO NOT EDIT BELOW THIS LINE ---
# Check if log file exists
if [ ! -f "${LOG_FILE}" ]; then
echo "Error: Log file '${LOG_FILE}' not found." >&2
exit 1
fi
echo "Searching for patterns '${SEARCH_PATTERN}' in '${LOG_FILE}'..."
# Use grep with -E for extended regex, -i for case-insensitive
# Then use awk to extract relevant fields (e.g., timestamp, error message)
# Finally, sort and uniq -c to count unique occurrences
grep -E -i "${SEARCH_PATTERN}" "${LOG_FILE}" | \
awk '{
# Example for Nginx error log:
# 2023/10/27 10:30:00 [error] 12345#67890: *123 failed (111: Connection refused) while connecting to upstream, client: 192.168.1.1
# We might want to extract the timestamp and the error message.
# Adjust awk fields based on your log format.
# For this example, let's just output the whole matched line.
print $0
}' | \
sort | uniq -c | sort -nr > "${OUTPUT_FILE}"
if [ -s "${OUTPUT_FILE}" ]; then
echo "Filtered errors saved to '${OUTPUT_FILE}'."
echo "Top 10 unique errors:"
head -n 10 "${OUTPUT_FILE}"
else
echo "No matching patterns found or output file is empty."
fi
How it works: This script is designed for parsing web server error logs to quickly identify and analyze critical issues. It uses `grep` with extended regular expressions (`-E`) and case-insensitivity (`-i`) to filter log entries matching specified error patterns. The output is then piped to `awk`, which can be customized to extract specific fields or the entire line, depending on the log format. Finally, `sort` and `uniq -c` are used to count unique occurrences of the extracted errors, with results saved to a timestamped file and the top 10 displayed. This helps developers quickly pinpoint recurring problems.