GoAccess is an open source real-time web log analyser and interactive viewer that runs in a terminal on Linux systems. The name suggest that is written in the Go language, but it actually is not (it is written in C).
Effectively it is like the “top” command, but instead of showing processes it is giving you insight in the traffic on your webserver. The tool provides all kinds of top lists useful for spotting irregularities. Great features include the listing of IP addresses by percentage of hits and showing the status codes of the served responses. Typically you would use this tool if your webserver is reporting high load or high bandwidth usage and you want to find out what is going on. The outcomes of the analysis with this tool can then be used to adjust your firewall or caching rules.
On my Ubuntu 15.04 I can install version 0.8.3 with:
sudo apt-get install goaccess
If you are on any Debian based Linux and you want to run the latest (0.9.2) version you can simply run:
wget http://tar.goaccess.io/goaccess-0.9.2.tar.gz tar -xvzf goaccess-0.9.2.tar.gz cd goaccess-0.9.2/ sudo apt-get install build-essential sudo apt-get install libglib2.0-dev sudo apt-get install libgeoip-dev sudo apt-get install libncursesw5-dev ./configure --enable-geoip --enable-utf8 make sudo make install
This will install the software in “/usr/local/bin/” and the manual in “/usr/local/man/”.
Running the software is as easy as:
man goaccess goaccess -f /var/log/apache2/access.log
The software will prompt you the log format. For me the “NCSA Combined Log Format” log format worked best. For nginx I just ran:
goaccess -f /var/log/nginx/access.log
It is really awesome, try it!