Linux proftpd log query and analysis company uses FTP to receive the customer's EDI order. Recently, the customer said that the order has been sent to us through FTP a long time ago. Why has it not been delivered yet, however, after repeated checks, I did not find the order on FTP, but the customer insisted that the order had been uploaded. It seems that to solve the dispute, only the operation logs on FTP can be viewed, use Data to speak. The company's FTP was set up based on the proftpd software in Linux. First, check the proftpd configuration file vi/etc/proftpd. conf to learn the Log file path, as shown in red circles. Truncate the logs of an ftp account and save them to a new file: (in the following example, the account is ftpwbshop) cat xferlog. processed | grep ftpwbshop>/home/ftpwbshop. log can get the following logs for multiple lines: thu Dec 3 10:46:32 2009 0 120.32.171.4 2236/vhost/vhostroot/cycxm2/www/uploadfile/20090307132822145.jpg a _ d r cycxm2 ftp 0 * c each parameter in the record corresponds to the following: current-time transmission time Fri Jan 9 10:07:20 2004 transfer-time transmission duration 0 s remote-host remote ftp client address 192.168.0.88 file-size transfer file size 320 B file-name Transmission file Name/home/redflag/partitioninfo transfer-type transmission type B indicates binary transmission, a Indicates the special behavior tag _ For ascii transmission special-action-flag, C indicates the compressed file, U indicates that the file is not compressed, T indicates that the file is tar, and _ indicates that no special behavior is directed to I, for upload, o for download, d for deletion access-mode r for system users, a is the authentication method of the ftp server software name called by anonymous username redflag service-name, 0 indicates no authen-ticated-user-id * indicates no authenticated user id completion-status. Transmission completed. c indicates completion. I indicates completion.