Date: Mon, 06 Aug 2001 15:05:23 -0700 From: Drew Tomlinson <drewt@writeme.com> To: 'Mark Rowlands' <mark.rowlands@minmail.net>, Drew Tomlinson <drewt@writeme.com> Cc: freebsd-questions@FreeBSD.ORG Subject: RE: How to Analyze Apache Logs? (Was RE: Attempted Buffer Overrun in via httpd?) Message-ID: <5CD46247635BD511B6B100A0CC3F023925A03A@ldcmsx01.lc.ca.gov> In-Reply-To: <01080619585201.34275@pcmarpxy.tninet.se>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Mark Rowlands [mailto:mark.rowlands@minmail.net] > Sent: Monday, August 06, 2001 10:59 AM > To: Drew Tomlinson > Cc: freebsd-questions@FreeBSD.ORG > Subject: Re: How to Analyze Apache Logs? (Was RE: Attempted Buffer > Overrun in via httpd?) > > > On Monday 06 August 2001 19:02, you wrote: > > [snipped previous discussion] > > > > I've been reading this thread and it prompted my to check > my logs. I > > appear to have lots of hits as well. Others are graphing > there hits and I > > would like to see how mine are. Is there a port that > others are using to > > do this? What is recommended for a newbie to start > analyzing Apache logs? > > for a specific incident like this, no, use perl or sh or > whatever grabs your > fancy. webalizer, is quite a pretty log analyser for more general use. > > perl -ne 'print if /\bdefault\.ida\b/i' yourapachelog > > > will extract the code red attempts from a standard apache > log, as to more > detailed logging of network misdemeanours, I use snort and acid > > see http://www.snort.org Thank you for your assistance. Another reason I need to start learning a scripting language... :) Drew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5CD46247635BD511B6B100A0CC3F023925A03A>