Home > linux > HTTP access_log analysis

HTTP access_log analysis

June 21st, 2007 rupert

1. In order to report execution times, include a “%T” in your httpd.conf as follows:

    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b %T" common
 
    <ifmodule>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %&gt;s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </ifmodule>
 
    #
    # The location and format of the access logfile (Common Logfile Format).
    # If you do not define any access logfiles within a <virtualhost>
    # container, they will be logged here.  Contrariwise, if you *do*
    # define per-</virtualhost><virtualhost> access logfiles, transactions will be
    # logged therein and *not* in this file.
    #
    CustomLog logs/access.log common
</virtualhost>

2. There are many log analysis softwares (webalizer, awstats, etc) out there, but most of them are outdated. I found this nifty little tool called visitor from www.hping.org. Freely distributed for unix but demo versions for windows build. Here’s a demo.

Categories: linux Tags:
  1. rupert
    July 7th, 2007 at 19:22 | #1
    Reply | Quote

    visitors -A -m 30 access_log -o html > report.html

  2. rupert
    July 8th, 2007 at 00:31 | #2
    Reply | Quote

    Here’s the script running from cron

    55 23 * * * /usr/local/bin/visitors -A -m 30 /usr/local/apache2/logs/access_log -o html > /usr/local/apache2/htdocs/report.html

Comments are closed.