[analog-help] Log formats for several log types

[analog-help]

As promised, here are the log formats for several different server services that I have successfully created with good results.  I can make no garauntee on any of these, but I can say that they have worked for me.  Prior to discovering analog, I had my own Perl/PHP scripts calculating log files, but Analog is like 10 billion times faster and has much better output.  Please feel free to offer any corrections or improvements.   And thank you to everyone who has helped make Analog a great piece of software!   Microsoft FTP Server Sample log file line: 2002-10-31 15:33:33 207.32.96.139 user MSFTPSVC2 Server1 192.168.1.100 21 [2855]created filename.ext - 226 0 165340 1468 FTP - - - -   Log format: LOGFORMAT "%Y-%m-%d %h:%n:%j %s %u %j %j %j [%j]%j %r - %C %b %b %t FTP - - - -"   Notes: This is with all logging turned on except for the Win32 status.     Real Media Server Sample log file line: 12.216.124.30 - - [31/Oct/2002:22:45:26 -0500]  "GET dir/091202v1.rm RTSP/1.0" 200 23306141 [WinNT_5.0_6.0.9.380_play32_AOL8_en-US_UNK_axembed] [abc4fd5b-8b09-456b-9cdf-3e7fea4b705d] [Stat1:      8028         18          0          0          0 64_Kb ps_Stereo_Music_-_RA8][Stat2:     64083      65987          0          0          0         18         18          0 0          0         50 64_Kbps_Stereo_Music_-_RA8] 77700425 1595 905 123 0 8581   Log format: LOGFORMAT "%s %j %j [%d/%M/%Y:%h:%n:%j %j]  "%j %r %j" %c %b [%B] %j"   Notes: This ignores the extra statistics at the end and just reports the basics.     Serv-U FTP Server Sample log file line: [3] Tue 14May02 16:56:25 - (000037) Error sending file f:\filename.ext, aborting (3.09 Kb/sec - 487424 bytes, client closed data connection) [4] Tue 30Apr02 14:52:54 - (000257) Received file f:\filename.ext successfully (29 .2 Kb/sec - 5651 bytes) [3] Wed 01May02 23:18:53 - (000002) Sent file f:\filename.ext successfully (92.2 Kb/sec - 6893 bytes) [5] Tue 30Apr02 10:29:18 - (000245) Connected to 216.136.171.204 (Local address 192.168.1.101)   Log format(s): LOGFORMAT "[%j] %j %d%M%y %h:%n:%j - (%j) Error sending file %r, aborting (%j Kb/sec - %b bytes, %j %j)" LOGFORMAT "[%j] %j %d%M%y %h:%n:%j - (%j) Received file %r successfully (%j Kb/sec - %b bytes)" LOGFORMAT "[%j] %j %d%M%y %h:%n:%j - (%j) Sent file %r successfully (%j Kb/sec - %b bytes)" LOGFORMAT "[%j] %j %d%M%y %h:%n:%j - (%j) Connected to %s (Local address 192.168.1.101)"     Shoutcast (Old style logging) Sample log file lines: <08/18/02@04:25:49> [SHOUTcast] DNAS/win32 v1.8.0 (Jan  2 2001) starting up... <08/18/02@04:25:49> [main] loaded config from C:\Program Files\SHOUTcast2\sc_serv_gui.ini <08/18/02@04:25:49> [main] initializing (usermax:200 portbase:9191)... <08/18/02@04:25:49> [main] No ban file found (sc_serv.ban) <08/18/02@04:25:49> [main] No rip file found (sc_serv.rip) <08/18/02@04:25:49> [main] opening source socket <08/18/02@04:25:49> [main] source thread starting <08/18/02@04:25:49> [main] opening client socket <08/18/02@04:25:49> [source] listening for connection on port 9192 <08/18/02@04:25:49> [main] Client Stream thread [0] starting <08/18/02@04:25:49> [main] client main thread starting <08/18/02@04:25:49> [dest: 216.253.39.2] server unavailable, disconnecting <08/18/02@04:25:58> [source] connected from 66.192.5.158 <08/18/02@04:25:58> [source] icy-name:NEWSRADIO 640 WGST (rush dr. laura kimmer) ; icy-genre:NEWS TALK <08/18/02@04:25:58> [source] icy-pub:1 ; icy-br:24 ; icy-url:http://www.wgst.com <08/18/02@04:25:58> [source] icy-irc:#shoutcast ; icy-icq:0 ; icy-aim:N/A <08/18/02@04:25:59> [dest: 205.188.234.42] starting stream (UID: 0)[L: 1] <08/18/02@04:25:59> [dest: 205.188.234.42] connection closed (0 seconds) (UID: 0)[L: 0]{Bytes: 16384} <08/18/02@04:26:00> [yp_add] yp.shoutcast.com added me successfully <08/18/02@04:28:59> [yp_tch] yp.shoutcast.com touched! <09/11/02@12:08:25> [dest: 63.236.253.100] service full, disconnecting   Log format(s): LOGFORMAT "<%m/%d/%y@%h:%n:%j> [dest: %s] connection closed (%t seconds) (UID: %u)[L: %r]{Bytes: %b} LOGFORMAT "<%m/%d/%y@%h:%n:%j> [dest: %s] starting stream (UID: %j)[L: %j] LOGFORMAT "<%m/%d/%y@%h:%n:%j> [yp_tch] yp.shoutcast.com touched! LOGFORMAT "<%m/%d/%y@%h:%n:%j> [dest: %s] service full, disconnecting LOGFORMAT "<%m/%d/%y@%h:%n:%j> [SHOUTcast] DNAS/win32 v1.8.0 (Jan  2 2001) starting up... LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] loaded config from C:\Program Files\%j\sc_serv_gui.ini LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] initializing (usermax:%j portbase:%j)... LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] No ban file found (sc_serv.ban) LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] No rip file found (sc_serv.rip) LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] opening source socket LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] source thread starting LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] opening client socket LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] listening for connection on port %j LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] Client Stream thread [%j] starting LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] client main thread starting LOGFORMAT "<%m/%d/%y@%h:%n:%j> [dest: %s] server unavailable, disconnecting LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] connected from %j LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] icy-name:NEWSRADIO 640 WGST (rush dr. laura kimmer) ; icy-genre:NEWS TALK LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] icy-pub:1 ; icy-br:24 ; icy-url:http://www.wgst.com LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] icy-irc:#shoutcast ; icy-icq:0 ; icy-aim:N/A <%m/%d/%y@%h:%n:%j> [yp_add] yp.shoutcast.com added me successfully     Shoutcast (New W3C style logging) Sample log file lines: #Fields: c-ip c-dns date time cs-uri-stem c-status cs(User-Agent) sc-bytes x-duration avgbandwidth 66.156.94.18 66.156.94.18 2002-09-14 22:38:34 /stream?title=Unknown 200 iTunes%2F3%2E0%20%28Macintosh%3B%20N%3B%20PPC%29 409600 86 38096   Log format(s): LOGFORMAT "%s %S %Y-%m-%d %h:%n:%j %r %c %u %b %j %j"     Microsoft Windows Media Sample log file lines: #Fields: c-ip date time c-dns cs-uri-stem c-starttime x-duration c-rate c-status c-playerid c-playerversion c-playerlanguage cs(User-Agent) cs(Referer) c-hostexe c-hostexever c-os c-osversion c-cpu filelength filesize avgbandwidth protocol transport audiocodec videocodec channelURL sc-bytes c-bytes s-pkts-sent c-pkts-received c-pkts-lost-client c-pkts-lost-net c-pkts-lost-cont-net c-resendreqs c-pkts-recovered-ECC c-pkts-recovered-resent c-buffercount c-totalbuffertime c-quality s-ip s-dns s-totalclients s-cpu-util 203.40.128.205 2002-11-01 05:23:33 vincet mms://media.streamtoyou.com/cog/ISDN/OT_les06.asf 166 6 1 200 {CD48B822-BB6E-11D6-A01B-DD746EAE8C33} 6.4.7.1119 en-AU Mozilla/4.0_(compatible;_MSIE_6.0;_Windows_98;_YComp_5.0.0.0) http://www.ministerialtraining.org/VideoView.asp?ID=1&U=8&L=6&V=6&S=100 IEXPLORE.EXE 6.0.2600.0 Windows_98 4.10.0.2222 Pentium 1805 23113117 10638 mms UDP Windows_Media_Audio_V2 Microsoft_MPEG-4_Video_Codec_V3 - 15237 0 52 37 0 0 0 0 0 0 1 0 100 65.172.162.91 - 1 0   Log format(s): LOGFORMAT (#%j: %j) LOGFORMAT (%s%w%Y-%m-%d%w%h:%n:%j%w%S%w%r%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%B%w%f%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%b%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%v%w%j%w%j)   Notes: This is with all logging turned on except for the Win32 status.     Microsoft SMTP Note: Analog detects the log format automagically since it is very similar to IIS W3C logging.