Find all IP addresses in logs

Find the top 25 by call rate. What further information could you gather?


cat access.log |cut -d ' ' -f 1 |sort

I came up with the following BASH one-liner to do it (split onto multiple lines here only for readability):

 for ip in `cat $FILE |cut -d ' ' -f 1 |sort |uniq`;
 do { COUNT=`grep ^$ip $FILE |wc -l`;
 if [[ "$COUNT" -gt "500" ]]; then echo "$COUNT:   $ip";
 fi }; done


It counts the occurrences of each unique line.  Then a quick sort -n and a tail shows the big ones.  Also, I tend to use “cut” as above, but one of the Dreamhost guys reminded me that awk may be a little more straightforward:

cat /path/to/access.log |awk '{print $1}' |sort  |uniq -c |sort -n |tail