Sorry if it's off-topic. It's more of a best practices question.
I just managed an issue with abusive bots and would like to have a history of how the issue is evolving.
Now, to review the bots that keep appearing, I make a query via the grep/awk/sort command line over the access.log file.
I know from zabbix I can add log file control but it's huge and unnecessary (it's a small environment) and I don't think it's worth it.
I'd like to have only the top 20 ips in the access.log. In other words that is. I would like to somehow have the result of the awk command in my zabbix.
I was thinking of making a cron job that would do the AWK/GREP/sort and output it to an output file that would be treated as a log.
Am I doing it right? What is the best way to achieve this? Any tips/examples?
I just managed an issue with abusive bots and would like to have a history of how the issue is evolving.
Now, to review the bots that keep appearing, I make a query via the grep/awk/sort command line over the access.log file.
I know from zabbix I can add log file control but it's huge and unnecessary (it's a small environment) and I don't think it's worth it.
I'd like to have only the top 20 ips in the access.log. In other words that is. I would like to somehow have the result of the awk command in my zabbix.
I was thinking of making a cron job that would do the AWK/GREP/sort and output it to an output file that would be treated as a log.
Am I doing it right? What is the best way to achieve this? Any tips/examples?