Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 06 Aug 2001 15:05:23 -0700
From:      Drew Tomlinson <drewt@writeme.com>
To:        'Mark Rowlands' <mark.rowlands@minmail.net>, Drew Tomlinson <drewt@writeme.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   RE: How to Analyze Apache Logs? (Was RE: Attempted Buffer Overrun in via httpd?)
Message-ID:  <5CD46247635BD511B6B100A0CC3F023925A03A@ldcmsx01.lc.ca.gov>
In-Reply-To: <01080619585201.34275@pcmarpxy.tninet.se>
next in thread | previous in thread | raw e-mail | index | archive | help 
> -----Original Message-----
> From: Mark Rowlands [mailto:mark.rowlands@minmail.net]
> Sent: Monday, August 06, 2001 10:59 AM
> To: Drew Tomlinson
> Cc: freebsd-questions@FreeBSD.ORG
> Subject: Re: How to Analyze Apache Logs? (Was RE: Attempted Buffer
> Overrun in via httpd?)
>
>
> On Monday 06 August 2001 19:02, you wrote:
> > [snipped previous discussion]
> >
> > I've been reading this thread and it prompted my to check
> my logs.  I
> > appear to have lots of hits as well.  Others are graphing
> there hits and I
> > would like to see how mine are.  Is there a port that
> others are using to
> > do this? What is recommended for a newbie to start
> analyzing Apache logs?
>
> for a specific incident like this, no, use perl or sh or
> whatever grabs your
> fancy. webalizer, is quite a pretty log analyser for more general use.
>
> perl -ne 'print if /\bdefault\.ida\b/i' yourapachelog
> 
>
> will extract the code red attempts from a standard apache
> log, as to more
> detailed logging of network misdemeanours, I use snort and acid
>
> see http://www.snort.org

Thank you for your assistance.  Another reason I need to start learning a
scripting language... :)

Drew


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5CD46247635BD511B6B100A0CC3F023925A03A>