Daniele
Reputation: 99
Regular Expressions for Linux - scan the Apache HTTPD access log for all the response code other than 200
This is a question about grep and regular expression.
If I want to see all the requests whose response is a 200 code, I can do:
grep -e '^.* - - .* .* .* .* .* 200' access_log
Quite easy peasy.
But what if I want to retrieve all the requests whose response is NOT a 200 code? I would like to be able to do that with only one grep instruction. Is that possible?
Thanks, Dan
Upvotes: 1
Views: 1223
Answers (2)
Tim Pietzcker
Reputation: 336138
I'd use this:
^\S+\s+\S+\s+\S+\s+\[[^]]+\]\s+"(?:GET|POST|HEAD) [^ ?"]+\??[^ ?"]+? HTTP/[0-9.]+"\s+200
and then invert the result as Daniel Egeberg suggested.
With comments and capturing groups, courtesy of RegexBuddy:
^((?#client IP or domain name)\S+)\s+((?#basic authentication)\S+\s+\S+)\s+\[((?#date and time)[^]]+)\]\s+"(?:GET|POST|HEAD) ((?#file)[^ ?"]+)\??((?#parameters)[^ ?"]+)? HTTP/[0-9.]+"\s+(?#status code)200
Upvotes: 1
Daniel Egeberg
Reputation: 8382
You can simply use the -v option for grep. This inverts the matches, so it returns all the lines that do not match the pattern.
So like this:
grep -v [pattern] [file]
Upvotes: 2
Related Questions
- Log Parsing with Regex
- Is it possible to exclude specified GET parameters in apache access logs?
- Parsing Apache Error Logs For Unique Errors
- Apache access log regex parsing
- Reg exp to match a specific HTTP response code in apache or nginx server logs
- How to filter apache access log using awk or sed or cut
- Regular Expression for parsing apache error log files
- grepping data Apache access.log
- Regexp to find Googlebot with http status code 200 in apache logs
- Filter apache log file using regular expression