Date: Thu, 2 Aug 2001 11:51:44 +0200 (CEST) From: Alexander Leidinger <Alexander@Leidinger.net> To: eric@monkey-online.net Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Data traffic monitoring for virtualhosts Message-ID: <200108020951.f729pkg37264@Magelan.Leidinger.net> In-Reply-To: <3B6880F3.E71EEE47@monkey-online.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2 Aug, Eric Veraart wrote: > I think this is a FAQ, but I can't find it in the archives; which packet > would you recommend to log data traffic for virtual hosts on Apache? > I thought Webalizer was ok, but I heard some negative reports about it > today. Then I stumbled upon Apache::Traffic > (http://www.perldoc.com/cpan/Apache/Traffic.html), which seems to be ok. > > Anyone got a recommendation? Just have a look at the output of those programs and choose the one you like the most. Other programs which also do loganalyzing are analog and modlogan (http://www.kneschke.de/projekte/modlogan/). For the later one you can find a port at http://www.leidinger.net/FreeBSD/. And an excerpt of the manual if you collect the logdata for every vhost in one file: ---snip--- 1. logfile splitter =================== plugin: processor/web option: splitby if you want to split one input stream into different output stream, you need a logfile splitter. you can use an external script as a preprocessor or use the splitter-support of the web processor plugin. input stream (input plugin) | +-- ... ---+--- ... ---+ (processor plugin) | | | | | | output streams (output plugins) to enable this feature add a splitby definition to the processor_web section of your config-file. a splitby definition is the following string: splitby=<field>,"<regex>",<name> where <field> is: srvhost - for the host which served the request srvport - for the port where the host listened at requser - for the authenticated user requrl - for the requested url reqhost - for the requesting host refurl - for the referring url default - 'joker' which matches everything. <regex> is a regular expression which has to successfully been matched and <name> a name to group the splitted records again. <name> is also used as the name of the subdirectory where the reports are placed. if you specify multiple splitby definitions they a checked from the first to last. if one check is successfull the generated name is used as <name>. NOTE: the splitter has to return a name and it's your job to make sure that a name is available - by using a always matching definition e.g. splitby=srvhost,"(.*)",$1 - by specifing a 'default' definition. Examples 1: ----------- let's assume that we have the following directory structure: /users/~j.kneschke/index.html /users/~project.modlogan/index.html the definition -- splitby=requrl,"^/users/~(.*?)/.*$",host_$1 -- will divide the records according to the string between the '~' and the '/'. the string will be taken and added the name. /users/~j.kneschke/index.html -> host_j.kneschke /users/~project.modlogan/index.html -> host_project.modlogan directories will be created (if it doesn't exist) in the directory which you specifiy with global:outputdir with the name host_j.kneschke and host_project.modlogan. each directory contains the reports for the respective splitted logs. ---snip--- Bye, Alexander. -- Press every key to continue. http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108020951.f729pkg37264>