Trace your website visitors (and referrers) as they come using this bash script.
# CONFIGURATION # ============= # Where your httpd log file is log="current-http-accesslog" # What files to exclude (request for those files won't be shown) exclude="\.gif|\.jpg|\.png|\.ico|\.css|\.js" # Width of request and referer columns (set it to match your terminal) col_width=35 # MAIN SCRIPT # =========== # Check if log file actually exists (and is readable) if [ ! -r "${log}" ]; then echo "Cannot access log file: $log" exit 0 fi # After startup we will output few lines start=`wc -l < "${log}"` start=$(( $start - 30 )) if (( ${start} < 0 )) then start=$((0)) fi # Main loop while : do end=`wc -l < "${log}"` end="${end##* }" if (( ${end} > ${start} )) then start=$(( $start + 1 )) sed -n "${start},${end}p" "${log}" | egrep -v "${exclude}" | awk -v col_width=$col_width '{ # we are only interested in GET/POST requests if ( match($0, /"(GET|POST).*?"/) > 0 ) { split($0, fields, "\"") # IP_ADDRESS tmp = $1 while ( length(tmp) < 15 ) tmp = tmp " " printf "%s", tmp " " # HTTP_REQUEST (GET/POST) tmp = substr(fields[2], 0, index(fields[2], "HTTP/") - 1 ) tmp = substr(tmp, index(tmp, " ") + 1, col_width) while ( length(tmp) < col_width ) tmp = tmp " " printf "%s", tmp " " # REFERER (the juice) tmp = fields[4] while ( length(tmp) < col_width ) tmp = tmp " " printf "%s", tmp " " # USER_AGENT printf "%s", fields[6] # new line at the end printf "\n" } }' start=${end} fi # this is an endless loop that sleeps every second sleep 1 done
