Analyze webmail log by grep grouping

zgrek20

Member
Aug 28, 2020
6
0
1
Greece
cPanel Access Level
Root Administrator
Hi.
i was wondering if you could help me out analyze the cpanel log (/usr/local/cpanel/logs/access_log) by using a perl pattern.

The purpose is to group by user and ip and check only webmail access .

I wonder if that is possible with a grep command along with some perl pattern.
For example the output could be:
user / IP
[email protected] / XXX.XXX.XXX.XXX
[email protected] / XXX.XXX.XXX.XXX

is that possible?
Thanks
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,304
1,250
313
Houston
It's not perl but this one-liner would get you that information sorted numerically and grouped by unique entries

Code:
egrep 'horde|roundcube' /usr/local/cpanel/logs/access_log |grep login |grep POST|awk '{print $1, $3}' |sort |uniq -c |sort -n