[wellylug] Server log capture/analysis

Cliff Pratt enkidu at cliffp.com
Fri Apr 9 09:09:35 NZST 2010

John Durham wrote:
> A contact of mine just asked me this about my CentOS 4.8 server.
>> Do you have a web server which you receive log files from? I'm writing 
>> a web server log analyzer, and so far I only have access to the server 
>> logs generated by my Windows server hosted web sites. I need to make 
>> the program work with more than one log file format, so if you have a 
>> web server log from Apache, or any web server other than the Windows 
>> IIS server, I would appreciate your sending me a copy and paste of the 
>> column headers definitions for your server log files, and details 
>> about how many lines at the start of your server log files are not log 
>> data.
>> For instance my web server logs have the following column header 
>> definitions, and non data lines at the beginning of each day's log -
>> #Software: Microsoft Log Parser
>> #Version: 1.0
>> #Date: 2010-03-30 03:59:05
>> #Fields: date time s-sitename s-computername s-ip cs-method 
>> cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version 
>> cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus 
>> sc-win32-status sc-bytes cs-bytes time-taken
>> I need to adapt my program to different column header layouts to 
>> accommodate different web server logs.
> This man would be interested in your response.
Since Apache log files can be customised in many ways, he is not going 
to get a definitive answer, is he? I guess he could go for the 'standard 
out of the box' format, but I'm not even sure that that is the same 
across all distros.



More information about the wellylug mailing list