thanks
Here are the lines from my logfile
64.0.144.15 - - [27/Oct/2002:19:10:27 +051800] GET http://www.intel.com/
HTTP/1.1 200 8779 - Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)
202.88.144.103 - - [27/Oct/2002:23:16:17 +051800] GET http://www.yahoo.com
HTTP/1.1 200 8779 - ProxyHunter
Shishir Singhai [EMAIL PROTECTED] wrote:
Here are the lines from my logfile
64.0.144.15 - - [27/Oct/2002:19:10:27 +051800] GET
http://www.intel.com/ HTTP/1.1 200 8779 - Mozilla/4.0
(compatible; MSIE 4.01; Windows 95) 202.88.144.103 - -
[27/Oct/2002:23:16:17 +051800] GET http://www.yahoo.com
Hello everybody !!
I m using analog-5.23-2 on redhat 7.0. Since last 6 months i m using analog
everything's working perfectly now i have realised that the log files have
reached to more than 100 mb each. I have virtual domains on the system so i m
creating different log files for all different
Rich DeFuria [EMAIL PROTECTED] wrote:
I have customized analog to do everything I need save for one thing:
Can I configure analog to report on the ip addresses requesting
the files in the Request Report?
If a file has been requested 1,000 times do you want 1,000 IP addresses
listed against
On Fri, 1 Nov 2002, Aengus wrote:
Shishir Singhai [EMAIL PROTECTED] wrote:
Here are the lines from my logfile
64.0.144.15 - - [27/Oct/2002:19:10:27 +051800] GET
http://www.intel.com/ HTTP/1.1 200 8779 - Mozilla/4.0
(compatible; MSIE 4.01; Windows 95) 202.88.144.103 - -
On Thu, 31 Oct 2002, Cesar Martin wrote:
In that case I will post my request for a next version with the seconds
on it.
I mean, users jump from a page to other in seconds... and that's an
information you must have to understand what's going on.
I disagree. The time column shows the
On Fri, 1 Nov 2002 [EMAIL PROTECTED] wrote:
Hello everybody !!
I m using analog-5.23-2 on redhat 7.0. Since last 6 months i m using analog
everything's working perfectly now i have realised that the log files have
reached to more than 100 mb each. I have virtual domains on the system so i m
On Thu, 31 Oct 2002, Jeremy Wadsack wrote:
Rick Root ([EMAIL PROTECTED]; Thursday, October 31, 2002 10:19 AM):
I just installed the latest version of Analog on my RedHat Linux 7.2 server.
I can't for the life of me figure out how to use it. I've edited the
analog.cfg but when I run
Stephen, I love your product.
And yes, I need the seconds.
What I do is this:
1. Report by 5 minutes.
2. Isolate traffic peaks.
3. Isolate Host.
4. Create a request report for a precise amount of time and a unique host.
This final report give a very nice and precise path for a user but I need
Stephen, I love your product.
And yes, I need the seconds.
What I do is this:
1. Report by 5 minutes.
2. Isolate traffic peaks.
3. Isolate Host.
4. Create a request report for a precise amount of time and a unique host.
This final report give a very nice and precise path for a user but I need
Gentlemen:
On October 31, you wrote:
By the way, there is a useful article which has just appeared at
http://www.klarisma.dk/articles/aindex.asp
about adding fake parameters to requests in order to pass information to
yourself.
For example, the author recommends adding parameters to all
Stephen Turner wrote:
On Fri, 1 Nov 2002, Aengus wrote:
Shishir Singhai [EMAIL PROTECTED] wrote:
[27/Oct/2002:23:16:17 +051800] GET http://www.yahoo.com HTTP/1.1
200 8779 - ProxyHunter
Is this a proxy server log file? (It doesn't look like one). But they're
not valid URL requests
Klaus Johannes Rusch [EMAIL PROTECTED] wrote:
Stephen Turner wrote:
On Fri, 1 Nov 2002, Aengus wrote:
Shishir Singhai [EMAIL PROTECTED] wrote:
[27/Oct/2002:23:16:17 +051800] GET http://www.yahoo.com HTTP/1.1
200 8779 - ProxyHunter
Is this a proxy server log file? (It doesn't look like
What you are trying to achieve here may not be statistically valid.
See http://analog.cx/docs/webwork.html for reasons why.
--
Jeremy Wadsack
Wadsack-Allen Digital Group
cesar martin ([EMAIL PROTECTED]; Friday, November 01, 2002 7:07 AM):
Stephen, I love your product.
And yes, I need
Our scripts employing analog on IIS web sites have not worked well on their first run
on IIS 5.0 as opposed to IIS 4.0. Is there anything one needs to change?
Problems include: the general summary does not include 'successful requests for
pages'. The daily and hourly summaries show number of
cesar martin [EMAIL PROTECTED] wrote:
Stephen, I love your product.
And yes, I need the seconds.
What I do is this:
1. Report by 5 minutes.
2. Isolate traffic peaks.
3. Isolate Host.
Analog is an excellent tool for these tasks, and it doesn't need to
record seconds to do that.
4.
hi there,
Some time ago i had asked a question where i had asked on how do i get reports for a
particular. Thankfully Stephen explained that i could do that by changing the FROM and
TO fields
My question now will be
1.) Is there any way to get logs for a particular day on the fly . say
I am not a programmer.
Can you tell where to find an script to do that?
Thanks.
You don't need Analog for this. All you're
doing is grepping all entries
from a specific host in a particular time
window. Just write a short
script to do this for you. Analog would add
absolutely no value to
I have some qmail log files that I want to do a quick byte count on using
analog, but can't seem to get it figured out. I have grepped the files and
gotten just the lines with byte counts and converted the times to something
readable. Here is a sample line:
2002-09-20 08:17:23.276297500 info
I am running analog 5.23 on a redhat 7.2 apache
server. Analog runs perfectly analyzing all logs from
apaches and imported logs from an IIS server when
running as a cron job, or via command line.
I recently implemented the anlgform interface, and
the problem I am having is when specifying a
cesar martin [EMAIL PROTECTED] wrote:
I am not a programmer.
Can you tell where to find an script to do that?
You don't need to be a programmer to write a 4 line script. If you
prefer, use a spreadsheet or whatever other tool you're comfortable
with.
What platform are you on?
Aengus
On Fri, 1 Nov 2002, Ron Woodall wrote:
Does this information not already exist in a log file? I have two
fields in my log file, the requested page and the referring page. If I
understand Mr. Larsen correctly, he's adding additional information to the
referring field to tell me
On Fri, 1 Nov 2002, Bell, Leslie wrote:
Our scripts employing analog on IIS web sites have not worked well on
their first run on IIS 5.0 as opposed to IIS 4.0. Is there anything one
needs to change?
Problems include: the general summary does not include 'successful
requests for pages'.
On Fri, 1 Nov 2002, Garrett Bartley wrote:
I have some qmail log files that I want to do a quick byte count on using
analog, but can't seem to get it figured out. I have grepped the files and
gotten just the lines with byte counts and converted the times to something
readable. Here is a
On Fri, 1 Nov 2002, Mark Clancy wrote:
I am running analog 5.23 on a redhat 7.2 apache
server. Analog runs perfectly analyzing all logs from
apaches and imported logs from an IIS server when
running as a cron job, or via command line.
I recently implemented the anlgform interface, and
Bell, Leslie ([EMAIL PROTECTED]; Friday, November 01, 2002 8:47 AM):
One thing that was different in this run was that a previous run had
been aborted and there was a dns lockfile, so analog hacked off to
DNS Lookup.
If you know that Analog was aborted, you can remove this file
yourself.
Mark Clancy ([EMAIL PROTECTED]; Friday, November 01, 2002 10:46 AM):
I am running analog 5.23 on a redhat 7.2 apache
server. Analog runs perfectly analyzing all logs from
apaches and imported logs from an IIS server when
running as a cron job, or via command line.
I recently implemented
Sibi John ([EMAIL PROTECTED]; Friday, November 01, 2002 9:05 AM):
1.) Is there any way to get logs for a particular day on the fly
. say by choosing a particular day on the report itself.?? i.e not
going to analog.cfg to change dates ??
You can use -F/-T from the command line. These are
Garrett Bartley [EMAIL PROTECTED] wrote:
I have some qmail log files that I want to do a quick byte count on
using analog, but can't seem to get it figured out. I have grepped
the files and gotten just the lines with byte counts and converted
the times to something readable. Here is a
Thanks for your help,
I have ammended the perl script to save the params it
is recieving to a file, and here is the relevant
output:
queryparam LOGFILE
A=/var/log/httpd/access_lo*
A=/var/log/LogFiles/in*.log
queryparam LOGFORMAT
A=MICROSOFT-NA
queryparam FROM
A=020601
queryparam TO
A=020630
On Fri, 1 Nov 2002, Mark Clancy wrote:
analog is getting the correct dates, could it be the
order in which it is recieving params LOGFILE and
LOGFORMAT?, I put LOGFORMAT before LOGFILE
/var/log/LogFiles/in*.log in anlgform.html, but as it
goes through peral it changes.
LOGFORMAT is
As promised, here are the log formats for several
different server services that I have successfully created with good
results. I can make no garauntee on any of these, but I can say that they
have worked for me. Prior to discovering analog, I had my own Perl/PHP
scripts calculating log
I totally understand your point. But the main reason i want to do this is say if i
needed to see if there were any hacker intrusion attempts on my site today, I would
like see who was making what kind of requests at what time, and not just on a
particular file, any requests to my website.. is
Again, let me point you to PureSecure, http://www.demarc.com/. It does
intrusion detection, system monitoring, etc.
Analog is also useful for that, but not so much as a monitoring tool.
If you do find something suspicious, you can use Analog to drill
through the logs, isolating hosts
I got it working by letting analog.cfg handle the log
locations and logformat, instead of passing them from
the form.
Thanks again,
Mark
--- Stephen Turner [EMAIL PROTECTED]
wrote:
On Fri, 1 Nov 2002, Mark Clancy wrote:
analog is getting the correct dates, could it be
the
order in which
approve sonclark who analog-help
__
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/
+
| This is the analog-help mailing list. To unsubscribe from
I know... but I am not very good with scripts.
I use a mac and I am working with logs in the hundreds of megas so I can
not use excel to open them.
But yes, any help to extract a portion of a log life will be a great help.
Thanks.
Aengus wrote:
cesar martin [EMAIL PROTECTED] wrote:
I am
Just thought I'd add that Norton's Internet Security or Personal Firewall
blocks referrer as default.
Marc.
From: James Riemermann [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [analog-help] Counting hits from click-through campaign
Date: Wed, 30 Oct 2002
Hie Stephen,
Thanx for the help u provided me, infact i needed some guidens, i m very much
new with linux my background is admin for windows what i had been doing since
last 3 yrs it's been only last 8 months m on linux i found it so much
interesting that now i m keen to learn more more from it
39 matches
Mail list logo
