10-02-2001
Nimda@home, the search for intelligence on the internet
If you've got some spare processor lying around and the bandwidth to go with it, there are some scripts out there that will scan your logs, take the IPs of the infected scanners, and resolve them, and then send off a mail to their ISP or whoever, and inform them of the machine's condition.....
loadc
common2dlf
COMMON2DLF.IN(1) LogReport's Lire Documentation COMMON2DLF.IN(1)
NAME
common2dlf - convert Common Log Format web server log files to www DLF
SYNOPSIS
common2dlf file
DESCRIPTION
common2dlf converts Common Log Format web server log files to the www DLF. Common Log Format is a standard log format that was originally
implemented in the CERN httpd web server but that is now supported by most web servers. Apache, IIS, Boa and PureFTPD can be
configured to log in that format.
If the file argument is missing, STDIN will get parsed. DLF will be printed on STDOUT.
COMMON LOG FORMAT
The Common Log Format has the following format:
remotehost rfc931 authuser [date] "request" status bytes
where the fields have the following meaning:
remotehost
The host that made the request. Can be an IP or a hostname.
rfc931
The result of an ident lookup on the host. This is almost never used.
authuser
The authenticated username.
date
The timestamp of the request.
request
The first line of the request. Usually in the format "method request-uri http-version".
See also RFC 2616, section 5.1.
status
The result status of the request, e.g. 200, 301, 404, 500.
bytes
The size, in bytes, of the response sent to the client.
Log example:
127.0.01 - - [11/03/2001 12:12:01 -0400] "GET / HTTP/1.0" 200 513
dsl1.myprovider.com - francis [11/03/2001 12:14:01 -0400] "GET /secret/ HTTP/1.0" 200 1256
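
As an added example (not part of Lire or of the original page), a Python parser for the seven Common Log Format fields listed above; it also tallies remote hosts by request URI, the first step of the log-scanning scripts mentioned in the post at the top. The function names, the 192.0.2.7 lines and the /probe-placeholder path are constructed for illustration.

```python
import re
from collections import Counter

# remotehost rfc931 authuser [date] "request" status bytes
# The request is client-controlled and may contain quotes or spaces, so it is
# matched greedily and the line is anchored on the trailing status and bytes.
CLF_RE = re.compile(
    r'^(?P<remotehost>\S+) (?P<rfc931>\S+) (?P<authuser>\S+) '
    r'\[(?P<date>[^\]]*)\] "(?P<request>.*)" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-)$'
)

def parse_clf(line):
    """Return a dict of the seven CLF fields, or None for a malformed line."""
    m = CLF_RE.match(line.rstrip("\r\n"))
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("rfc931", "authuser"):      # "-" means the field is absent
        if rec[key] == "-":
            rec[key] = None
    rec["status"] = int(rec["status"])
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])  # "-": no body
    # Expect "method request-uri http-version"; otherwise leave the parts as None.
    parts = rec["request"].split(" ")
    rec["method"], rec["uri"], rec["version"] = (
        parts if len(parts) == 3 else (None, None, None))
    return rec

def hosts_requesting(lines, uri_pattern):
    """Count requests per remotehost whose request-uri matches uri_pattern."""
    wanted = re.compile(uri_pattern)
    hits = Counter()
    for line in lines:
        rec = parse_clf(line)
        if rec and rec["uri"] and wanted.search(rec["uri"]):
            hits[rec["remotehost"]] += 1
    return hits

# Constructed sample: the man page's two lines plus three made-up ones.
SAMPLE = [
    '127.0.01 - - [11/03/2001 12:12:01 -0400] "GET / HTTP/1.0" 200 513',
    'dsl1.myprovider.com - francis [11/03/2001 12:14:01 -0400] "GET /secret/ HTTP/1.0" 200 1256',
    '192.0.2.7 - - [11/03/2001 12:15:09 -0400] "GET /probe-placeholder HTTP/1.0" 404 -',
    '192.0.2.7 - - [11/03/2001 12:15:10 -0400] "GET /probe-placeholder?x="a" HTTP/1.0" 404 -',
    'not a log line',
]
```

Malformed lines return None instead of raising, so one bad or hostile entry cannot stop a run over the whole log.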
EXAMPLES
To process a log as produced in the common logformat:
$ lr_run common2dlf < common.log
common2dlf will rarely be used on its own, and is more likely to be called by lr_log2report:
$ lr_log2report common < /var/log/httpd/common.log
SEE ALSO
combined(2), modgzip2dlf(1), referer2dlf(1)
AUTHORS
Joost van Baal <joostvb@logreport.org>, Francis J. Lacoste <flacoste@logreport.org> and Egon Willighagen <egonw@logreport.org>, based on an
idea by Edwin Groothuis
VERSION
$Id: common2dlf.in,v 1.15 2006/07/23 13:16:36 vanbaal Exp $
COPYRIGHT
Copyright (C) 2000, 2001 Stichting LogReport Foundation LogReport@LogReport.org
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
http://www.gnu.org/copyleft/gpl.html.
Lire 2.1.1 2006-07-23 COMMON2DLF.IN(1)