Is Analog capable of analyzing a log from a firewall named Raptor?
The log contents are so much different than Apache logs that
I'm having a hard time determining what to use for a LOGFORMAT.
Maybe I'm just trying to do something that Analog was not intended for?
Here's an example of my 50th failed try at a format:
LOGFORMAT %M %d %h:%n:%j %j httpd[%j]: %c %j: duration=%t %j %j rcvd=%b %j src=%S/%j %j %j %j arg=%r %j %j
I get an error saying there are too many arguments in the config command.
Here's a sample line of data from the log:
May 16 00:00:00.143 xtranet httpd[6110]: 121 Statistics: duration=0.34 id=ywFFM sent=366 rcvd=64 srcif=qfe2 src=257.12.69.451/1237 dstif=le0 dst=162.152.2.70/80 op=GET arg=http://www.401k.com/ result="304 Use local copy" proto=http rule=9
Thanks for any advice.
Larry Theurer SPX Corp
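
Added example, not part of the original message and not code from Analog or Raptor: a small Python parser for the statistics line quoted above that splits the key=value fields and rewrites the record in NCSA common log format. The year, time zone, the "HTTP/1.0" protocol string, the function names and the choice of rcvd as the byte count (following the %b mapping in the message) are assumptions, since the log line does not state them.

```python
import re
import shlex

# Sample line copied from the message above (addresses are as posted).
SAMPLE = ('May 16 00:00:00.143 xtranet httpd[6110]: 121 Statistics: duration=0.34 '
          'id=ywFFM sent=366 rcvd=64 srcif=qfe2 src=257.12.69.451/1237 dstif=le0 '
          'dst=162.152.2.70/80 op=GET arg=http://www.401k.com/ '
          'result="304 Use local copy" proto=http rule=9')

# Syslog-style prefix: month, day, time.msec, host, process[pid], message id, kind.
PREFIX = re.compile(
    r'^(?P<mon>\w{3})\s+(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d)(?:\.\d+)? '
    r'(?P<host>\S+) (?P<proc>\w+)\[(?P<pid>\d+)\]: '
    r'(?P<msgid>\d+) (?P<kind>\w+): (?P<rest>.*)$')

def parse_raptor(line):
    """Return a dict of fields for one line, or None if the line does not parse."""
    m = PREFIX.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    try:
        # shlex keeps result="304 Use local copy" together as a single token.
        tokens = shlex.split(rec.pop('rest'))
    except ValueError:          # unbalanced quote, e.g. inside a logged URL
        return None
    for token in tokens:
        key, sep, value = token.partition('=')   # split on the first '=' only
        if sep:
            rec[key] = value
    return rec

def to_common_log(rec, year, tz='+0000', bytes_field='rcvd'):
    """Format a parsed record as a common log line.

    year and tz are supplied by the caller (assumption: the log carries neither).
    """
    client = rec['src'].split('/')[0]        # src is address/port
    status = rec['result'].split()[0]        # "304 Use local copy" -> "304"
    stamp = f"{int(rec['day']):02d}/{rec['mon']}/{year}:{rec['time']} {tz}"
    return (f'{client} - - [{stamp}] "{rec["op"]} {rec["arg"]} HTTP/1.0" '
            f'{status} {rec.get(bytes_field, "-")}')

if __name__ == '__main__':
    print(to_common_log(parse_raptor(SAMPLE), year=2001))  # year is a constructed value
```
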
------------------------------------------------------------------------
This is the analog-help mailing list.
------------------------------------------------------------------------