php apache log analyzer

'); Request route$ref = (isset ($_server[' http_referer '))? $_server[' Http_referer ']: '-');Request protocol Type$rprotocol = $_server[' Server_protocol ');Requesting the browser's user browser information$ragent = Empty ($_server[' http_user_agent ')? ' Unknown ': $_server[' http_user_agent ';$durl = $_server[' Request_uri ');$LOGSTR = Self::getrealip (). ''. $uhost. ' '. $rtime. ' "'. $rmethod. ' '. $ref. '. $rprotocol. ' " '. $ragent. ' '. $durl. ' \ r \ n ";if (!file_exists ($this->root_p

I'm using apache2.2+php5.4, I'm writing a wrong extensions=xxx.dll in php.ini, and I don't see any messages about this wrong DLL in php.ini error_log. And Error.log under Apache's logs is also not looking at any of the DLL's information about this error. Excuse me, what do I want to get information about the wrong DLL? The reason I'm asking is because I'm loading an extra DLL, by looking at Phpinfo is not loaded successfully, but just don't know where the error message is. Hope expert answer

: This article mainly introduces php regular expression parsing apache log file. For more information about PHP tutorials, see. Logs can be rolled hourly and analyzed using php regular expressions. $ LogLine = '2017. 0.0.1--[22/May/2015: 17: 09: 13 + 0800] "GET/sale/images/

The server has recently suffered hacker intrusion. Intruders are skilled, delete IIS log files to erase traces, you can go to the Event Viewer to look at the warning message from W3SVC, often find some clues. Of course, for Web servers with very large access, it is almost impossible to rely on manual analysis-there's too much data! A Third-party log analysis tool can be used to describe only one of the IIS

You can scroll the logs by the hour, using the PHP regular analysis log method to solve $logLine = ' 127.0.0.1--[22/may/2015:17:09:13 +0800] ' get/sale/images/y-select.png http/1.1 ' 1095 '; $pattern = '/^ (? P [0-9.] +) - - \[(? P [^\]]+] \]+ "GET (? P [^]+) http\/1.[ 1|0|2] "(? P [0-9.] +) (? P [0-9.] +)/I ';p reg_match

Logs can be rolled hourly and analyzed using php regular expressions to solve the problem $ logLine127.0.0.1 -- [22May2015: 17: 09: 133470800133 amp;quot=getsaleimagesy-select.png HTTP1.1 amp; quot; 2001095 ;... logs can be rolled hourly and analyzed using php regular expressions. $ LogLine = '2017. 0.0.1--[22/May/2015: 17: 09: 13 + 0800] "GET/sale/images/y-select.png HTTP/1.1" 200 1095 '; $ pattern = '/^

You can scroll the logs by the hour, using the PHP regular analysis log method to solve $logLine = ' 127.0.0.1--[22/may/2015:17:09:13 +0800] ' get/sale/images/y-select.png http/1.1 ' 1095 '; $pattern = '/^ (? P [0-9.] +) - - \[(? P [^\]]+] \]+ "GET (? P [^]+) http\/1.[ 1|0|2] "(? P [0-9.] +) (? P [0-9.] +)/I ';p reg_match

the Installation interfaceThe main error in the case of the database and the database user name password, generally installed 2 times, the 2nd time must delete the inside of the config.php, and then run SH configure.sh in the next step to generate config.php. And then you can start using it. (I don't know why I can't copy pictures, so I can only talk about the errors and workarounds I've encountered).This article is from the "innovation sharing gallop inside and out" blog, please be sure to kee

+mysql+loganalyzer implement log Display collection?1. Get ready for MySQLYum-y Install Mysql-server2. Configure Rsyslog(1) Install Rsyslog-mysql//rsyslog connected to MySQL module650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/7E/A1/wKioL1cGBL6BwLAlAAAdvikc4Oc477.png "title=" 8lts6@2@@ ' V~v_kwcu3i]jc.png "alt=" Wkiol1cgbl6bwlalaaadvikc4oc477.png "/>(2) rsyslog.conf # # #MODULE # # #段中:$ModLoad Ommysql# # #RULE # # #段中Facility:priority:omm

, all content of the CGI program output to STDERR (Standard error, standard faulty device) will go directly into the error log. This means that any well-written CGI program, if there is a problem, the error log will tell us more about the problem. However, there are drawbacks to outputting the CGI program error to the error log, and there will be many things in t

You can also customize the log format, for example: LogFormat "% h % l % u % t \" % r \ "%> s % B \" % {Referer} I \ "\" % {User-Agent} I \ "" combine The combine format is defined. \ "% {Referer} I \" \ "% {User-Agent} I \" is the request header sent to the server and the Referer link. ------------------------------------- I am a split line ------------------------------------- How to enable Apache Rewrit

region with the UTC time difference of-5 hours, this parameter should be "-300 ". FilesizeM specifies to scroll by filesizeM file size, rather than by time or time difference. An example of setting in Windows is as follows:# Restrict the error log file to 1 MBErrorLog "| bin/rotatelogs.exe-l logs/error-% Y-% m-% d. log 1 M"# Generate an error log file every day#

/httpd.conf)404 page does not exist 11.21 Apache Access Log• Access logs record each user's request[Email protected] ~]# cat/usr/local/apache2.4/logs/111.com-access_log abc.com-access_log access_log httpd.pid 111.com-error_log abc.com-error_log error_log[[email protected] ~]# Cat/usr/local/apache2.4/logs/111.com-access_log(Get is not add-i)• Define the format:[[email protected] ~]# vim/usr/loca

profile to open it:# vim/usr/local/apache2.4/conf/httpd.confLoadModule Rewrite_module modules/mod_rewrite.soGet rid of this line of #.#/usr/local/apache2.4/bin/apachectl-tSyntax OK#/usr/local/apache2.4/bin/apachectl Graceful#/usr/local/apache2.4/bin/apachectl-m |grep RewriteRewrite_module (Shared)The module loads well and starts testing:# curl-x 127.0.0.1:80 2111.com.cn-ihttp/1.1 301 Moved Permanently status code 301Date:fri, APR 2018 12:17:18 GMTserver:apache/2.4.33 (Unix)

|sort-rn-k1|head-10# ibid ' {++s[$1]} END {for (key in S) print s[ Key],key} ' Access_bbs_20170423.log |sort-rn-k1|head-10Iv. Modifying hidden version information1. Change before compiling the installationVim/root/tools/httpd-2.4.25/include/ap_release.h#define Ap_server_basevendor "Apache software Foundation" #define Ap_server_baseproject "Apache HTTP SERVER" #de

11.18 Apache user authenticationChange the contents of a virtual hostVim/usr/local/apache2.4/conf/extra/httpd-vhosts.confAdd user name and password? /usr/local/apache2.4/bin/htpasswd-c-m/data/.htpasswd aming-C is the creation of-m specified typeView the generated password document contentsHe's gone up there already. htpasswd directory, then create in memory does not require-CSpecify the domain name hosts on WIC:\Windows\System32\drivers\etcAuthenticat

1. Apache Access LogEnter command cat/usr/local/apache2.4/conf/extra/httpd-vhosts.conf, enter, see,The access log for this virtual machine is inside the/logs/111.com-access_log, enter the command ls/usr/local/apache2.4/logs/, you can see the access log file, see,You can use the command Cat/usr/local/apache2.4/logs/111.com-access_log to view the contents, enter, s

[Email protected] abc.com]#/usr/local/apache2.4/bin/htpasswd-c-m/data/.htpasswd amingNew Password:Re-type New Password:Adding Password for user aming[Email protected] abc.com]# CAT/DATA/.HTPASSWDAming: $apr 1$zwidnzez$jsd12poivh90sry//fz3t.[Email protected] abc.com]#/usr/local/apache2.4/bin/htpasswd-m/data/.htpasswd ZhangsanNew Password:Re-type New Password:Adding Password for user Zhangsan[Email protected] abc.com]# CAT/DATA/.HTPASSWDAming: $apr 1$zwidnzez$jsd12poivh90sry//fz3t.Zhangsan: $apr 1

, hostname (domain name) is not www.123.com meet conditionRewriterule ^/(. *) $ http://www.123.com/$1 [r=301,l]//define rewrite rules that are not executed until the above conditions are met/usr/local/apache2/bin/apachectl-m|grep-i rewrite//Without this module, you need to edit the configuration file httpd.conf, delete the front of the Rewrite_module (shared) #Curl-x127.0.0.1:80-i 123.com//Status Code 30111.21 Configuring access LogsAccess log records

and other services under Linux are the same, encounter to view the error log after the error, according to the error message to determine the cause of the errors. How do you see the error message in PHP? When the encounters an error, our visit to the website usually shows a white page, nothing, and a status code of 500. In the first case, to directly display the error message in the browser, configure t