|
I've tried to use Analog to analyse a Squid
access.log (ftp-ing the logs from a linux server into a W2k
station.)
It failed. I've tried to describe the
Squid logformat. I've turned the debug on.
What I'm doing wrong? Can someone to send me a LOGFORMAT for Squid?
Thank you in advance.
LiviuS
Here are my inputs / outputs:
logformat
LOGFORMAT ( %U.%j %w %W %W %W %T %w %s %w %j/%j %w
%b %w %j %w %r %w %j %w %j %w %j )
with many variations on the theme, or like
this:
LOGFORMAT ( %U.%j %W%T %s %j/%c %b %j %r %j\n
)
also with lots of variations.
The output was quite always (except some obvious
errors I made :) similar to this:
D:\analog5.03>analog
analog: analog version 5.03/Win32 analog: Warning L: Large number of corrupt lines in logfile \tmp\access.log: try different LOGFORMAT (For help on all errors and warnings, see docs/errors.html) Current logfile format: %U.%j %j %S %j/%c %b %j %r %j\n \n analog: Warning L: Large number of corrupt lines in logfile...... >> (Bla-bla-bla and so onfor all successive
logs)
Then, it turned off all reports, like this: analog: Warning R: Turning off empty time reports
analog: Warning R: Turning off empty Request Report etc... etc... Turning DEBUG ON, I obtain something like this:
C: 999598341.938 2657 192.168.101.4 TCP_MISS/200 974 GET http://finance.yahoo.
com/yHqBcNpBtBhBrBmBdBFg - DIRECT/finance.yahoo.com text/html C: * C: 999598369.349 30078 192.168.101.4 TCP_MISS/200 31895 GET http etc... etc... |
- Re: [analog-help] What i'm botching up? or Why Analog disli... Liviu Stoian
- Re: [analog-help] What i'm botching up? or Why Analog ... Jeremy Wadsack
- Re: [analog-help] What i'm botching up? or Why Analog ... simeck1 . edu
