Re: webalizer or analog equivalent for SSL-based access_logs

Steven Sim Kok Leong · ‎01-04-2002

Hi all,

Anyone knows of a freeware that allows statistical parsing of ssl_request_logs (HTTP-SSL access_logs) the same way webalizer and analog does for access_log (HTTP access_logs) for Apache+SSL webserver?

Thanks in advance. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com

Christopher Caldwell · ‎01-04-2002

access_logs for https (SSL) vs. http (non-SSL) are the same. We use analog for both.

Steven Sim Kok Leong · ‎01-04-2002

Hi,

Two lines of access_log:

202.156.255.212 - - [04/Dec/2001:18:47:22 +0800] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294 "-" "-"
127.0.0.1 - - [05/Dec/2001:09:34:56 +0800] "get" 501 - "-" "-"

Two lines of ssl_request_log:

[05/Jan/2002:07:28:27 +0800] 192.168.123.120 SSLv3 RC4-MD5 "POST /cgi-bin/itrc.cgi HTTP/1.1" 7293
[05/Jan/2002:07:28:56 +0800] 192.168.123.120 SSLv3 RC4-MD5 "GET /cgi-bin/itrc.cgi HTTP/1.1" 534

Their formatting is different. Anyway, I found out later that access_log uses the LogFormat setting in httpd.conf while ssl_request_log uses the CustomLog setting in httpd.conf.

Thanks. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brianbench.com

Christopher Caldwell · ‎01-07-2002

Either
1) tell analog what format the logs are in (see http://analog.cx/docs/logfmt.html)
or
2) tell apache/iPlanet/Netscape etc. what format you'd like the log files to be in (see the documentation for your web server).

Steven Sim Kok Leong · ‎01-07-2002

Hi,

In my first response, I had already updated CustomLog to tailor ssl_request_log to use the same format as LogFormat which is used to tailor access_log which fixed my issue.

Anyway, thanks for the information. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: webalizer or analog equivalent for SSL-based access_logs

webalizer or analog equivalent for SSL-based access_logs