Apache — алерт по доле 5xx за последнюю минуту

#!/usr/bin/env bash
# Computes 5xx ratio of last 60s of access log. Wrap as HTTP endpoint.
LOG="${LOG:-/var/log/apache2/access.log}"
THRESHOLD_PCT="${RATIO_THRESHOLD:-2}"

# Last 60 seconds of log entries
LINES=$(awk -v cutoff="$(date -d '60 seconds ago' '+%d/%b/%Y:%H:%M:%S')" '
  match($4, /\[([^]]+)\]/, m) { if (m[1] >= cutoff) print $9 }
' "$LOG")
TOTAL=$(echo "$LINES" | wc -l)
[ "$TOTAL" -lt 5 ] && { echo "ok 0"; exit 0; }  # too few requests
ERR=$(echo "$LINES" | awk '/^5/ {n++} END{print n+0}')
PCT=$(( ERR * 100 / TOTAL ))
[ "$PCT" -ge "$THRESHOLD_PCT" ] && echo "high $PCT% ($ERR/$TOTAL)" || echo "ok $PCT%"