Date: Wed, 04 Jun 2003 21:52:13 -0400
From: Chuck Swiger <cswiger@mac.com>
To: keith@smmc.qld.edu.au
Cc: freebsd-questions@freebsd.org
Subject: Re: How to analyse squid logs and wierd time stamps
Message-ID: <3EDEA24D.8040505@mac.com>
In-Reply-To: <2280.10.0.0.2.1054777172.squirrel@localhost.smmc.qld.edu.au>
References: <2280.10.0.0.2.1054777172.squirrel@localhost.smmc.qld.edu.au>

keith@smmc.qld.edu.au wrote:
[ ... ]
> 1049884671.477 240 10.0.1.121 TCP_HIT/200 744 GET
> ftp://ftpav.ca.com/pub/inoculan/scaneng/Siglist.txt - NONE/- text/plain
> ... Whoa!
> Anyone know of a port to analyse this stuff and change what MIGHT be a
> timestamp to something a mortal like me can read??

Sure. Install /usr/ports/net/adns and /usr/ports/www/analog. Check out and
update the analog config file in /usr/local/etc. cd to where your log files
are, and DNS resolve the IPs via:

    adnslogres -c 20000 < access_log > access_log.dns

...then run analog against this (DNS-resolved) logfile, and it will generate
lots of info. You can also do other things with the DNS-resolved logfile using
other tools, but most of 'em will prefer to start with the output of
adnslogres, so that step is worth doing.

-Chuck
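Added example, not part of the original message and not code from Squid, adns or analog: a small parser for the log entry quoted above that turns the leading field into a readable UTC time. It assumes Squid's native access.log layout (ten whitespace-separated fields, the first being seconds.milliseconds since the UNIX epoch); the function and field names are illustrative.

```python
from datetime import datetime, timedelta, timezone

# Assumed field order of Squid's native access.log format.
FIELDS = ("time", "elapsed_ms", "client", "result", "bytes",
          "method", "url", "ident", "hierarchy", "mime")

# The log entry quoted in the message above, rejoined onto one line.
SAMPLE = ("1049884671.477 240 10.0.1.121 TCP_HIT/200 744 GET "
          "ftp://ftpav.ca.com/pub/inoculan/scaneng/Siglist.txt - NONE/- text/plain")


def epoch_to_utc(stamp):
    """Convert 'seconds.milliseconds' since the UNIX epoch to an aware datetime."""
    secs, _, frac = stamp.partition(".")
    millis = int((frac + "000")[:3])  # integer math avoids float rounding
    base = datetime.fromtimestamp(int(secs), tz=timezone.utc)
    return base + timedelta(milliseconds=millis)


def parse_line(line):
    """Return a dict for one access.log line, or None if it is malformed."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    try:
        rec["time"] = epoch_to_utc(rec["time"])
        rec["elapsed_ms"] = int(rec["elapsed_ms"])
        rec["bytes"] = int(rec["bytes"])
    except (ValueError, OverflowError, OSError):
        return None
    # "TCP_HIT/200" -> cache result code and HTTP status
    rec["cache_result"], _, rec["status"] = rec.pop("result").partition("/")
    return rec


def humanize(line):
    """Rewrite the leading epoch field as ISO 8601 UTC; pass bad lines through."""
    rec = parse_line(line)
    if rec is None:
        return line
    _, rest = line.split(None, 1)
    return f"{rec['time'].isoformat(timespec='milliseconds')} {rest}"


if __name__ == "__main__":
    print(humanize(SAMPLE))
```

Times are rendered in UTC so that entries from different hosts line up; lines that do not match the assumed layout are returned unchanged rather than dropped.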