You can scroll the logs by the hour, using the PHP regular analysis log method to solve
$logLine = ' 127.0.0.1--[22/may/2015:17:09:13 +0800] ' get/sale/images/y-select.png http/1.1 ' 1095 '; $pattern = '/^ (? P
[0-9.] +) - - \[(? P
[^\]]+] \]+ "GET (? P
[^]+) http\/1.[ 1|0|2] "(? P
[0-9.] +) (? P
[0-9.] +)/I ';p reg_match ($pattern, $
The server has recently suffered hacker intrusion. Intruders are skilled, delete IIS log files to erase traces, you can go to the Event Viewer to look at the warning message from W3SVC, often find some clues. Of course, for Web servers with very large access, it is almost impossible to rely on manual analysis-there's too much data! A Third-party log analysis tool can be used to describe only one of the IIS
, based on the addition of some image-request definition, such as GIF, JPG, BMP, SWF, JS, CSS, such as the end of the full mark as Image-request, and then in the configuration of the log when adding a tag env=! Image-request, there is an exclamation point, which means that the access log is only logged at the end of these characters, with an inverted, non-additive representation.Restart
Parse Apache log file, regular expression
/** Copyright (c) Ian F. Darwin, http://www.darwinsys.com/, 1996-2002.* All rights reserved. Software written by Ian F. Darwin and others.* $Id: license,v 1.8 2004/02/09 03:33:38 Ian Exp $** Redistributio
In the Apache access log, all actions are logged by default. Includes some local static small pictures, so the log becomes bloated.At this point we can specify that the log of the specified file type is not logged, so that only the log
Apache does not record the specified file type logIf a site traffic is particularly large, then the access log will be many, but there are some access logs we can actually ignore, such as some of the site's pictures, as well as js,css and other static objects. Access to these files is often huge, and even if these logs are not used, how do you ignore them?Setenvi
Recently, a foreign security researcher found a vulnerability on the Apache server that uses the Rewritelog () function in the modules/mappers/mod_rewrite.c file to incorrectly process certain escape sequences, as a result, malicious attackers can inject specially crafted HTTP requests into log files. If an HTTP request contains the escape sequence of the termina
=1ajaxtarget=plugin_notice http/1.1 "200 63There will be a lot of logs every day, how to deal with it?# vim/usr/local/apache2/conf/extra/httpd-vhosts.confErrorlog "Logs/test.com-error_log"Customlog "|/usr/local/apache2/bin/rotatelogs-l/usr/local/apache2/logs/test.com-access_%y%m%d_log 86400" combined86400s== Day# Ls/usr/local/apache2/logs This time the log is divided by dayTest.com-access_20151214_log Test.com-error_logHow does
Each user access generates an access log, along with an error log.So, the log files will accumulate over the long-range, early to explode our hard drive, so we can cut through the log, such as the number of days to cut into a series of documents. You can then delete a long file by other means.How to cut the
There are a lot of Apache logs that do not need to be recorded, compared to slices of images. This requires us to set up the virtual host file, the picture and so on some do not need to record to do a tag, and then based on this tag to do the restrictions.Specific operation:[Email protected] logs]# vim/usr/local/apache2/conf/extra/httpd-vhosts.confsetenvif Request_uri ". *\.gif$" Image-requestsetenvif Reque
What if I need to analyze the access log now?Like analyzing D:\Servers\Apache2.2\logs\access2014-05-22.log .http://my.oschina.net/cart/ developed a gadget to analyze Apache logs, split the word interleaved CSV file and insert MySQL database analysis for this issuePHP$date= ' 2014-05-22 ';file_put_contents($date.‘. CSV
, or look through the configuration file to see where the log files are configured.As its name shows, the access log Access_log records all Access activities to the Web server. The following is a typical record in the access log:
216.35.116.91--[19/aug/2000:14:47:37-0400] "get/http/1.0″200 654
This line consists of 7 i
format is: SQLCMD -u user name-p password-S IP address If the port number is omitted, the default connection is 1433 port It has a slightly different connection method and Query Analyzer, assuming that the password for the SQL2005 server SA on 192.168.1.55 is SA, The port is 1434 We can connect like this sqlcmd-u sa-p sa-s 192.168.1.55,1434 If you connect port 1433, you can omit the port: sqlcmd-u sa-p sa-s 192.168.1.55 (also note that-u,-p,-s
How to Use the SARG log analyzer on CentOS to analyze Squid logs
In the previous tutorial, we showed you how to use Squid to configure transparent proxy on CentOS. Squid provides many useful features, but it is not straightforward to analyze an original Squid log file. For example, how do you analyze the timestamp and
It has been a long time since the previous version.
When V1.0 is used, it is called CYQ. IISLogViewer.
During V2.0, a Chinese name is given, which is:
Website log analyzer V2.0
After upgrading to 3.0, I changed the name:Autumn-style website log analyzer V3.0
Key points of this version upgrade:1: Overall upgrade to av
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.