[ Pobierz całość w formacie PDF ]
.For example, if you wantto see updates for a log called /var/log/messages as they occur, use:tail -f /var/log/messagesAnalyzing Your Log FilesSo far, you have learned to create standard CLF-based logs and custom logs.Now,you need a way to analyze these logs to make use of the recorded data.Your loganalysis needs may vary.Sometimes you may need to produce extensive reports, ormaybe you just want to do a simple checking on the logs.For simple tasks, it is bestto use whatever is available at hand.Most Unix systems have enough utilities andscripting tools available to do the job.Using Unix utilities, you can quickly grab needed information; however, this methodrequires some Unix know-how, and is not always convenient because your bossmay want a  pretty report instead of some dry textual listing.In such a case, youcan either develop your own analysis programs or use third-party analysis tools.Let s use a Unix utility to get a list of all the hosts.If you use the default loggingfacility or a custom log with CLF support, you can find a list of all the hosts quiteeasily.For example:cat /path/to/httpd/access_log | awk  {print $1}prints out all the host IP addresses (if you have DNS [domain name server] lookupenabled, then host aliases are shown).The catutility lists the access_logfile, andthe resulting output is piped to the awkinterpreter, which prints out only the firstfield in each line using the printstatement.This prints all the hosts; but what ifyou wanted to exclude the hosts on your network? In that case, you would use:cat /path/to/httpd/access_log | awk  {print $1} | egrep -v  (^206.171.50)where 206.171.50should be replaced with your network address.Here I amassuming that you have a class C network.If you have a class B network, you onlyneed to use the first two octets of your IP address.This version enables you toexclude your own hosts using the egrep utility, which is told to display (via -v) onlythe hosts that do not start with the 206.171.50network address.This still may notbe satisfactory, however, because there are likely to be repeats.Therefore, the finalversion is:cat /path/to/httpd/access_log | awk  {print $1} | uniq | egrep -v (^206.171.50)e4821-2 ch08.F 2/22/02 10:13 AM Page 233Chapter 8 &' Monitoring Access to Apache233Here, the uniqutility filters out repeats and shows you only one listing per host.Ofcourse, if you want to see the total number of unique hosts that have accessed yourWeb site, you can pipe the final result to the wcutility with a -loption as follows:cat /path/to/httpd/access_log | awk  {print $1} | \uniq | egrep -v  (^206.171.50) | wc -lThis gives you the total line count (that is, the number of unique host accesses).Many third-party Web server log-analysis tools are available.Most of these toolsexpect the log files to be in CLF format, so make sure you have CLF formatting inyour logs.Table 8-3 lists some of these tools and where to find them.Table 8-3Third-Party Log Analysis ToolsProduct Name Product URLWebTrends www.webtrends.com/Wusage www.boutell.com/wusage/wwwstat www.ics.uci.edu/pub/websoft/wwwstat/Analog www.statslab.cam.ac.uk/~sret1/analog/http-analyze www.netstore.de/Supply/http-analyze/Pwebstats www.unimelb.edu.au/pwebstats.htmlWebStat Explorer www.webstat.com/AccessWatch http://netpressence.com/accesswatch/The best way to learn which tool will work for you is to try all the tools, or at leastvisit their Web sites so that you can compare their features.Two utilities that I findvery useful are Wusage and wwwstat.Wusage is my favorite commercial log-analysis application.It is highly configurableand produces great graphical reports using the company s well-known GD graphicslibrary.Wusage is distributed in a binary format.Evaluation copies of wusage areprovided free for many Unix and Windows platforms.wwwstatis one of the freeware analysis programs that I prefer.It is written in Perl,so you need to have Perl installed on the system on which you want to run thisapplication.wwwstatoutput summaries can be read by gwstatto produce fancygraphs of the summarized statistics.e4821-2 ch08.F 2/22/02 10:13 AM Page 234Part II &' Web Site Administration234Creating logs in Apache is easy and useful.Creating logs enables you to learn moreabout what s going on with your Apache server.Logs can help you detect and iden-tify your site s problems, find out about your site s best features, and much more.Can something so beneficial come without a catch? If you said no, you guessed right.Log files take up a lot of valuable disk space, so they must be maintained regularly.Log MaintenanceBy enabling logging, you may be able to save a lot of work, but the logs themselvesdo add some extra work for you: they need to be maintained.On Apache sites withhigh hit rates or many virtual domains, the log files can become huge in a very shorttime, which could easily cause a disk crisis.When log files become very large, youshould rotate them.You have two options for rotating your logs: you can use a utility that comes withApache called rotatelog, or you can use logrotate, a facility that is available onmost Linux systems.Using rotatelogApache comes with a support utility called rotatelog.You can use this programas follows:TransferLog  | /path/to/rotatelogs logfile rotation_time_in_seconds>For example, if you want to rotate the access log every 86,400 seconds (that is, 24hours), use the following line:TransferLog  | /path/to/rotatelogs /var/logs/httpd 86400Each day s access log information will be stored in a file called/var/logs/httpd.nnnn, where nnnnrepresents a long number.Using logrotateThe logrotateutility rotates, compresses, and mails log files.It is designed to easethe system administration of log files.It enables the automatic rotation, compression,removal, and mailing of log files on a daily, weekly, or monthly, or size basis.Normally,logrotateis run as a daily cronjob.Read the manpages for logrotateto learnmore about it.If your system supports the logrotatefacility, you should create a script called/etc/logrotate.d/apacheas shown in Listing 8-2.e4821-2 ch08.F 2/22/02 10:13 AM Page 235Chapter 8 &' Monitoring Access to Apache235Listing 8-2: /etc/logrotate.d/apache# Note that this script assumes the following:## a.You have installed Apache in /usr/local/apache# b.Your log path is /usr/local/apache/logs# c.Your access log is called access_log (default in Apache)# d.Your error log is called error_log (default in Apache)# e.The PID file, httpd.pid, for Apache is stored in the log# directory (default in Apache)## If any of the above assumptions are wrong, please change# the path or filename accordingly [ Pobierz całość w formacie PDF ]

Podobne

• Start
• PHP and MySQL MySQL Bible
• McGraw.Hill,.Digital.Animation.Bible.Creating.Professional.Animation.with.3ds.Max.Lightwave.and.Maya.(2004).LiB
• Trevor Kay Linux Certification Bible
• Microsoft Office 2003 Super Bible
• Ebook Windows XP Bible
• Access 2002 Bible
• Redhat Linux 7.2 Bible
• Magik Magdalena Parys
• Vincenzi Penny NiebywaÅ‚y skandal
• Hesse Hermann Wilk stepowy (SCAN dal 962)
• zanotowane.pl
• doc.pisz.pl
• pdf.pisz.pl
• helpmilo.pev.pl