Week 10 ‐ Ubuntu Apache Logs - rune-seregina/sys320-fa25 GitHub Wiki

Objective:
The goal of this lab is to develop Bash scripts to interact with Linux system utilities and Apache web logs.

---

Table of Contents

• Intro
  • Access Scripts for this Lab
  • Creating Ubuntu Apache Logs
  • Accessing Ubuntu Apache Logs
• Technical Content
  • Deliverable-1: Screenshot similar to the one above, showing access to the default apache2 page (with IP address showing at URL).
  • Deliverable-2: Share screenshot of the contents of your basic_access_intruder.bash and screenshot of it running like one below
  • Deliverable-3: Utilizing a series of pipes (using "|") with cut, grep, and trim to display only IP address and page name, for records that indicate access to page2.html. Share a screenshot of the contents of your bash file and a screenshot of your script running the one below (but for page2.html)
  • Deliverable-4: Create a function that is called pageCount. This function will return how many times each page was accessed. Share a screenshot of your script. Share a screenshot of your script running like the one below

---

• week10
  • basic_intruder.bash
  • lecture.bash

---

• 1. Start your Ubuntu VM
• 2. Start your terminal
• 3. Update your Ubuntu install utility, type and enter:
  • sudo apt-get update
• 4. Install apache2, type and enter:
  • sudo apt-get install apache2
• 5. Start apache2 as a service, type and enter:
  • service apache2 start
  • service apache2 status
• 6. Get your IP address and take a note of it. Type and enter:
  • ip addr
• 7. Open a web browser and access your IP address to verify your connection. You should see Default Apache2 Page.

• 
• 8. Let's create a few pages. Remove the default index.html in /var/www/html and create your own index.html with the following content:
  • 
• Create page1.html with the following content:
  • 
• Create page2.html similarly to page1.html
• 9. Browse through your pages from your web browser by clicking on the links a few times (this will create logs)
• 10. Lets install curl
  • sudo apt-get install curl
• 11. Access to your web page using curl:
• 12. Lets create a script called basic_access_intruder.bash that will access to the web page 20 times in a row:
  • Create the basic_access_intruder.bash file in week11 directory of your working directory
    • a. It will have a for loop that will execute 20 times.
    • b. In your for loop, call curl (from the screenshot above but with your ip address)

• 
  • iterates 20 times using `for i in {1..20}
  • uses do and done to define the loop to be run 20 times
  • for each loop, curl to my IP address
• 

• 1. Your Apache logs will be under /var/log/apache2/
• 2. You can use cat, tail, head and similar terminal commands to obtain the contents of a file
• 3. You can use grep, awk and similar commands to filter the contents of a file
• 4. The following script separates the lines (cuts) by space (' ') and only displays 1st and 4th. trim (tr) by delimeter "[" gets rid of the character "["

• 
  • define variable file as the path to access log (/var/log/apache2/access.log)
  • define variable results as the contents of $file (expanded using quotation marks):
    • use cut -d ' ' to define the delimiter as a space (how items will be split)
    • use cut -f 1,7 to define which fields to show (IP, page)
    • use tr -d "/" to "delete" (-d) / characters from the output
    • finally, only display lines that have "page.html" using grep
• 

• 
  • keeps the same variable file as before
  • first function getAllLogs gets all the logs as before, displays fields 1,4, and 7 (IP, page, and time)
  • second function pages cuts again to only extract the page (3 because now there is only 3 fields, not 7+)
  • third function countPages:
    • defines unique pages as pages accessed, sorted alphabetically/by similarity
    • then only displays unique pages using uniq with the -c flag to group and count lines if they match
    • sort nr then sorts in descending order (numeric sort, reverse highest to lowest)
•