Answers:
这花了一些魔术,这就是我和我的同事能够放在一起的地方。
#!/bin/bash
main() {
if [ -e $1 ] ; then
MONTH=$(date | awk '{ print $2 }')
elif [ $1 -ge 1 -a $1 -le 12 ] ; then
month $1
else
exit 1
fi
echo
echo "Usage statistics for month $MONTH"
echo
USERS=(`awk '/^'$MONTH'.*session opened for local user.*$/ { print $(NF-2) } ' /var/log/auth.log* | sort | uniq`)
for i in "${USERS[@]}"
do :
echo "################################"
echo "Usage for user: $i"
READ=0
WRITTEN=0
#processes for this user
PROCS=(`awk '/^'$MONTH'.*session opened for local user '$i'.*$/ { gsub("\\[|]|sftp-server|:","", $(NF-8)); print $(NF-8) } ' /var/log/auth.log* | sort | uniq`)
for j in "${PROCS[@]}"
do :
TEMP_READ=$(awk '/^'$MONTH'.*\['$j'\].*\ read\ [0-9]+\ written\ [0-9]+$/ { sum+=$(NF-2)}END{ print sum}' /var/log/auth.log*)
READ=$(($TEMP_READ+$READ))
TEMP_WRITTEN=$(awk '/^'$MONTH'.*\['$j'\].*\ read\ [0-9]+\ written\ [0-9]+$/ { sum+=$(NF)}END{ print sum}' /var/log/auth.log*)
WRITTEN=$(($TEMP_WRITTEN+$WRITTEN))
done
echo "Read $(($READ/(1024*1024))) MiB"
echo "Written $(($WRITTEN/(1024*1024))) MiB"
echo "################################"
echo
done
}
month() {
case "$1" in
1) MONTH='Jan'
;;
2) MONTH='Feb'
;;
3) MONTH='Mar'
;;
4) MONTH='Apr'
;;
5) MONTH='May'
;;
6) MONTH='Jun'
;;
7) MONTH='Jul'
;;
8) MONTH='Aug'
;;
9) MONTH='Sep'
;;
10) MONTH='Oct'
;;
11) MONTH='Nov'
;;
12) MONTH='Dec'
;;
*) echo 'Crash and Burn!'
exit 1
;;
esac
}
main $1
exit 0在sshd_config中,我这样:
Subsystem sftp /usr/lib/openssh/sftp-server -l VERBOSE
警告:该脚本占用了内存!如果日志文件很大,脚本最多可能需要10分钟才能完成(在EC2 Micro上测试)。
您可能想查看sftp logging上的这篇文章。我认为它将为您提供所需的信息,还有一些额外的工作来解析日志。