Split Apache (or Nginx) Access logs by Month
Did you ever have an access log that was way too big because someone accidentally (or even intentionally) disabled log rotation?
Split it back out by years and months with this command block.
awk 'BEGIN {
split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec ", months, " ")
for (a = 1; a <= 12; a++)
m[months[a]] = a
}
{
split($4,array,"[:/]");
year = array[3]
month = sprintf("%02d", m[array[2]])
print > FILENAME"-"year"_"month".txt"
}' access_log
When it's finished, you'll have a separate access_log for each month, which is far more parseable. This can be extended to split daily as well.