Tag Archives: log

Monitoring Linux System Logs with Logwatch

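If you want to get log report information from a Linux environment quickly, Logwatch is a good tool.
Installing it on Debian is very simple; all you need is
# sudo apt-get install logwatch
To view yesterday's information, just use the command below. The results include boot information, login information, disk usage and so on.
# logwatch --print
To view the information for a single service, for example ssh, use
# logwatch --service sshd --print
For detailed usage, see
# logwatch --help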
Usage: /usr/sbin/logwatch [--detail <level>] [--logfile <name>]
   [--print] [--mailto <addr>] [--archives] [--range <range>] [--debug <level>]
   [--save <filename>] [--help] [--version] [--service <name>]
   [--numeric] [--output <output_type>]
   [--splithosts] [--multiemail]

--detail <level>: Report Detail Level - High, Med, Low or any #.
--logfile <name>: *Name of a logfile definition to report on.
--service <name>: *Name of a service definition to report on.
--print: Display report to stdout.
--mailto <addr>: Mail report to <addr>.
--archives: Use archived log files too.
--save <filename>: Save to <filename>.
--range <range>: Date range: Yesterday, Today, All, Help
                             where help will describe additional options
--numeric: Display addresses numerically rather than symbolically and numerically
           (saves  a  nameserver address-to-name lookup).
--debug <level>: Debug Level - High, Med, Low or any #.
--splithosts: Create a report for each host in syslog.
--multiemail: Send each host report in a separate email.  Ignored if
              not using --splithosts.
--output <output type>: Report Format - mail, html-embed, html or unformatted#.
--version: Displays current version.
--help: This message.
* = Switch can be specified multiple times…

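But logging in to the server over ssh every day to run it is too inconvenient. Fortunately, logwatch provides a mail feature.
# nano /etc/logwatch/conf/logwatch.conf
Change root in the line below to your own e-mail address.
MailTo = root
Also, because we want detailed information about the server, change the setting below. Detail is the level of detail; 10, the highest, is recommended.
Detail = 10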

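Why Is There Always Someone..

Over the past few days, while analyzing the website's logs, I found that requests like the one below keep showing up, n times every day..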
2006-01-11_22-04-52.jpg
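This image was generated by awstats. It is fairly accurate, but it also exposes a problem with awstats, namely the thing I have said a powerful log analysis program needs to be able to do.

I need to be able to see all the IPs that visited a given page, or all the pages that a given IP visited. I also need to know what parameters the visitor submitted after the asp or php. Was it "asp?id=1", or "asp?id=adjfask"? I need to know all of this.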

Analyzing Web Server Logs

Log files are not fun to look at. They are ugly, contain too much information, and often lead to massive headaches. Fortunately, these beasts can be tamed for more capacities than just debugging; they can be used to generate wonderful reports that make sense. A number of programs are out there to analyze Web server logs, and this article will cast the spotlight in their direction.
 
Before evaluating the software packages, determine the type of data you wish to see. Although most of the software we looked at supports more than just Web server logs, this article discusses only Web server output. Log analysis programs can show everything from a list of IP addresses connected to the Web server to a pie chart detailing which files were accessed most often. The majority of popular Web log analysis tools try to make sense of every piece of data in the logs, but few succeed in making the data readable.
 
Some log file analysis packages cannot distinguish pertinent information from the raw log file itself. Displaying statistics in an aesthetically pleasing manner is a very important attribute. Every once in a while, user interface designers create a new paradigm, setting a standard that other designers attempt to emulate. Arguably, Apple has done this with its OS X desktop environment, and some Web log analysis programs do this better than others.
 
Webalizer is one popular log analysis tool. Many people prefer it because it is written in C and runs quite fast. The graphics, however, are not optimal. The gd graphics library supplies some readable charts, but they are not as aesthetically attractive as they could be. The reports themselves are sufficient for providing a quick glimpse of a few important data points; namely "what pages are accessed" and "how many hits are we getting." A wealth of information can be extracted from Web logs. When done properly, the information is not so overwhelming. Webalizer is adequate, but its mediocre graphics and lack of statistics earn it a mere three stars in our five-star ad hoc award system.
 
Analog, favored by a small group of die-hard fans, is another worthy contender. Analog attempts to present everything, but it is an example of how to include too much information for normal human consumption. By default, everything is displayed on the same Web page. A navigation bar at the top allows users to click on a specific report, which drills down to another section of the page. Analog’s saving grace is the navigation bar at the top of each section, which simplifies the navigation — somewhat. Analog’s more interesting reports include listings of: how many hits come from each country (TLD, actually), search engine queries that brought users to the Web site, and which browsers and operating systems visitors used. The software is capable of presenting just about everything else derivable from Web server logs. The graphics are a slight improvement over Webalizer gd-based graphics, but the pie and bar charts still leave much to be desired. Because Analog includes much useful information, and the navigation isn’t completely unusable, we feel it deserves an apprehensive four out of five stars.
 
Summary is a commercial log analysis tool for which a 30-day trial is available. This package includes all possible information and lists options in a text Web page for users to click on. When you follow a link, for example, "Bandwidth Peak," you are brought to a fairly decent Web page that lists bandwidth usage by time. A small bar graph accompanies each entry, but the graphics in Summary are quite minimal. Here, minimal is not a defect. Quite the contrary; Summary is really decent looking. However, the overall GUI is cumbersome, and it took us a good bit of time to browse to each report we wished to see. The cost of Summary is not prohibitive, and the reports are decent, albeit not awe-inspiring. We rate it four out of five.
 
No discussion of Web log analysis software would be complete without at least a nod to WebTrends. The sheer scope of WebTrends Web Log Analyzer (another commercial offering) earns it an honorable mention here. Its Web site makes the auspicious claim of increasing return on investment, and even asserts "This is Complete Web Analysis." Not surprisingly, WebTrends is not for organizations with skinny wallets. The online demos reflect how great GUI design should look, and it does indeed look great. The company’s claims of usability appear founded, and it has even included a way to access all of the information available from Web server logs. WebTrends has been around for more than a decade and plays nicely with IIS. We are giving it four out of five stars, based solely on what we learned in the product’s impressive Web-based demo.
 
The grail of log analysis, AWStats, is by far the best looking of all of the Free Web log analysis tools we’ve seen. AWStats is also the only Perl-based application on the list. Its graphics are superb, and its information is presented in an excellent manner. At a glance, users can view all available reports and navigate seamlessly between them. Many users will be amazed at the amount of detail the program can extract from the log files. Small browser icons and flags for various countries add to the already-pleasing GUI. AWStats includes all of the features mentioned above for other programs, and is in a readable format, to boot. We give it the full five stars.
 
Of course, there are countless other log analysis programs, but these are the more commonly deployed ones.
 
Compatibility, which is normally a key issue, is not a great concern when it comes to log analysis tools. The Apache Web server produces logs in a standardized format, called NCSA combined log files. IIS W3C conformant format is also supported by most of the analysis programs listed here.
 
In a later article, we will explore the other types of log files most of these programs can work on, including mail and FTP.

Web Log Analysis

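I need a web analysis program. It should have the following features:
1. The functions of ordinary log analysis
2. It can record the information submitted on each page visit, for example what comes after asp?
3. It can show in detail the visitors who accessed a specific page, or show the pages a given visitor accessed
 
The first item seems to be implemented by 100% of log analysis programs.
The second item seems to have been dropped by most analysis programs :(
The third item is not widely supported either; I have only seen one that does it.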
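The three requirements listed here, which are also the ones raised in the earlier post about the awstats report, can be met directly from NCSA combined log lines. The following is an added example, not code from this blog or from any of the tools it reviews; the sample log lines, paths and function names are constructed for illustration, and the last function shows one defensive use of the result: flagging `id` values that are not plain integers.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# NCSA combined format: host ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: HTTP/[\d.]+)?" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample lines (documentation addresses, hypothetical paths).
SAMPLE_LOG = """\
192.0.2.10 - - [11/Jan/2006:22:01:10 +0800] "GET /show.asp?id=1 HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
192.0.2.10 - - [11/Jan/2006:22:01:40 +0800] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/4.0"
198.51.100.7 - - [11/Jan/2006:22:04:52 +0800] "GET /show.asp?id=adjfask HTTP/1.1" 500 312 "-" "-"
198.51.100.7 - - [11/Jan/2006:22:04:53 +0800] "GET /show.asp?id=2&page=3 HTTP/1.1" 200 4096 "-" "-"
this line is not in combined format
"""

def build_indexes(lines):
    """Return (page -> IPs, IP -> pages, page -> [(ip, params)], skipped line count)."""
    ips_by_page = defaultdict(set)
    pages_by_ip = defaultdict(set)
    params_by_page = defaultdict(list)
    skipped = 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            skipped += 1  # count malformed lines instead of silently hiding them
            continue
        url = urlsplit(m["target"])
        ips_by_page[url.path].add(m["ip"])
        pages_by_ip[m["ip"]].add(url.path)
        if url.query:
            # keep_blank_values so an empty "id=" still appears in the report
            params = parse_qsl(url.query, keep_blank_values=True)
            params_by_page[url.path].append((m["ip"], params))
    return ips_by_page, pages_by_ip, params_by_page, skipped

def non_numeric_ids(params_by_page, name="id"):
    """List (page, ip, value) where parameter `name` is not made of ASCII digits only."""
    return [(page, ip, value)
            for page, hits in params_by_page.items()
            for ip, params in hits
            for key, value in params
            if key == name and not (value.isascii() and value.isdigit())]

if __name__ == "__main__":
    by_page, by_ip, by_params, skipped = build_indexes(SAMPLE_LOG.splitlines())
    print(sorted(by_page["/show.asp"]), sorted(by_ip["192.0.2.10"]), skipped)
    print(non_numeric_ids(by_params))
```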
 
 
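Today I tested n log analysis programs. I found that one called web log explorer meets the requirements, and specifically its pro version. It has a free trial of 30, and I did not find a crack..
 
The main features are shown in the images below.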
 
 
 
2005-12-27_15-28-07.jpg 2005-12-27_15-28-16.jpg 2005-12-27_15-28-22.jpg 2005-12-27_15-28-43.jpg