Nginx-ru mailing list archive (nginx-ru@sysoev.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re[2]: парсер для error.log
- To: Anton Yuzhaninov <nginx-ru@xxxxxxxxx>
- Subject: Re[2]: парсер для error.log
- From: Михаил Монашёв <postmaster@xxxxxxxxxxxxx>
- Date: Fri, 18 Jan 2013 20:02:41 +0400
- Dkim-signature: v=1; a=rsa-sha1; c=relaxed; d=softsearch.ru; h=date:from :reply-to:message-id:to:subject:in-reply-to:references :mime-version:content-type:content-transfer-encoding; s=main; i= postmaster@xxxxxxxxxxxxx; bh=o+V3/vrXZT9sxITzQz/lkPXkq7w=; b=lMT ohIar6WK+CPDDpB8c1CW4zZcLaQWJwQXuHZ4BUEvsN7cWMFL9GNz6FdqNh+myIQF CKryY3fiJCfpet+tggGLAFXPPKqLl+FXkGIQuvKoOR2zfWZFgl58mlsCM7LNxTD1 qyeBUJTneSxwxsUxlJDiGrdRhM43Xt2VHiX8Qv6o=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=softsearch.ru; h=date:from :reply-to:message-id:to:subject:in-reply-to:references :mime-version:content-type:content-transfer-encoding; q=dns; s= main; b=NL+sdRtBHTJYVTac3DgpyrkoCiK30A0eFS8VqrDnOgL41P1nIsWRxFSx OSVxTrp5a3gSFH8UfRGmCz4AfvDIu7CilkiWrc7js2rK8SrCr/ceSTBDc+pT2H0l /aMO+rppXR9AmnTF35616MeVq2xhu7QMAfOSf1vruB1kZVBKWig=
- In-reply-to: <50F93DB8.4070002@citrin.ru>
- References: <CAEE9LaKj4hA-3HEetenR=T3504qO89hhuE1aKQyV0uwMLDbdvg@mail.gmail.com> <1037688526.20130118002414@softsearch.ru> <50F93DB8.4070002@citrin.ru>
Здравствуйте, Anton.
>> Если в парсере заменять все числа, строки в
>> кавычках и строки, идущие от двоеточия до запятой и не содержащие
>> пробелов на ХХХ, то получится свернуть всё разнообразие сообщение в
>> несколько шаблонных фраз. Ну и ради примера приводить одну несвёрнутую
>> ошибку ещё можно. Полезная тулза, кстати получится.
> Для суммарной статистики по числу ошибок разного типа сейчас использую такой
> скрипт:
> sed -E 's/.* (.*) [0-9]*#0: /\1 /' < $ERROR_LOG > | sed 's/ \*[0-9]* / /; s/, client: .*//; s/"[^"]*"/"..."/g;' > | sort | uniq -c | sort -rn
217 [error] kevent() reported about an closed connection (54: Connection reset
by peer) while reading response header from upstream
159 [error] b.readmanga.ru could not be resolved (3: Host not found)
125 [error] g.readmanga.ru could not be resolved (3: Host not found)
108 [error] img1.gelz.net could not be resolved (2: Server failure)
76 [error] myphotos.ya1.ru could not be resolved (3: Host not found)
72 [error] upstream prematurely closed connection while reading response
header from upstream
72 [error] jarmorka.ru could not be resolved (3: Host not found)
...
2 [error] image filter: too big response: 17993058 while reading response
header from upstream
2 [error] image filter: too big response: 15226607 while reading response
header from upstream
2 [error] image filter: too big response: 14589082 while reading response
header from upstream
2 [error] image filter: too big response: 14204255 while reading response
header from upstream
2 [error] image filter: too big response: 14101173 while reading response
header from upstream
2 [error] image filter: too big response: 12871436 while reading response
header from upstream
2 [error] image filter: too big response: 12702013 while reading response
header from upstream
2 [error] image filter: too big response: 12650307 while reading response
header from upstream
2 [error] image filter: too big response: 12415575 while reading response
header from upstream
Хосты без кавычек и цифры не сворачиваются :-(
Цифры ещё можно победить, а вот для "... could not be resolved" нужно
писать отдельное условие.
--
С уважением,
Михаил mailto:postmaster@xxxxxxxxxxxxx
_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://mailman.nginx.org/mailman/listinfo/nginx-ru
|
