Archives par mot-clé : Apache2

Check DDOS Apache

#!/bin/bash

export LANG="POSIX"

# Get parameters
warning=${1:-"50"}
critical=${2:-"100"}
log_file=${3:-"*access_log"}
pattern=$4

# Get current hour
hour=$(date +%d/%b/%Y:%H -d '1 hours ago')

grep "$hour" /var/log/httpd/${log_file} | awk -v WARNING="${warning}" -v CRITICAL="${critical}" -v pattern="${pattern}" '

$0 ~ pattern {
  counter[$1]++
}

END {
  for (ip in counter) {
    if (counter[ip] > CRITICAL) {
	print "2";
	exit;
    } else if (counter[ip] > WARNING) {
	print "1";
	exit;
    }
  }
  print "0"
}

'