Date:      Thu, 5 Jun 2003 12:21:26 +1000 (EST)
From:      <keith@smmc.qld.edu.au>
To:        <cswiger@mac.com>
Cc:        keith@smmc.qld.edu.au
Subject:   Solved!! > Re: How to analyse squid logs and wierd time stamps
Message-ID:  <4209.10.0.0.2.1054779686.squirrel@localhost.smmc.qld.edu.au>
In-Reply-To: <3EDEA24D.8040505@mac.com>
References:  <2280.10.0.0.2.1054777172.squirrel@localhost.smmc.qld.edu.au> <3EDEA24D.8040505@mac.com>

Hi..what legends are FBSD people!
Keith


> keith@smmc.qld.edu.au wrote:
> [ ... ]
>> 1049884671.477    240 10.0.1.121 TCP_HIT/200 744 GET
>> ftp://ftpav.ca.com/pub/inoculan/scaneng/Siglist.txt - NONE/-
>> text/plain ... Whoa!
>> Anyone know of a port to analyse this stuff and change what MIGHT be a
>> timestamp to something a mortal like me can read??
>
> Sure.  Install /usr/ports/net/adns and /usr/ports/www/analog.  Check out
> and  update the analog config file in /usr/local/etc.
>
> cd to where your log files are, and DNS resolve the IPs via:
>
> adnslogres -c 20000 < access_log > access_log.dns
>
> ...then run analog against this (DNS-resolved) logfile, and it will
> generate  lots of info.  You can also do other things with the
> DNS-resolved logfile using  other tools, but most of 'em will prefer to
> start with the output of adnslogres,  so that step is worth doing.
>
> -Chuck
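
The leading field in the quoted log line is a Unix epoch timestamp in seconds, with milliseconds after the dot. The following is an added example, not part of the original messages: a small parser for Squid's native access.log format that converts that field to a readable UTC time. The `SquidEntry` field names and the function names are this example's own.

```python
from datetime import datetime, timezone
from typing import NamedTuple

# The log line quoted in the thread, re-joined onto one line.
SAMPLE = ("1049884671.477    240 10.0.1.121 TCP_HIT/200 744 GET "
          "ftp://ftpav.ca.com/pub/inoculan/scaneng/Siglist.txt - NONE/- text/plain")

class SquidEntry(NamedTuple):  # field names are this example's own
    when: datetime       # timestamp converted to UTC
    elapsed_ms: int      # time spent serving the request
    client: str
    result: str          # cache result, e.g. TCP_HIT
    status: int          # protocol status code
    size: int            # bytes sent to the client
    method: str
    url: str
    ident: str
    hierarchy: str       # peer status / peer host
    content_type: str

def parse_line(line: str) -> SquidEntry:
    f = line.split()
    if len(f) < 10:
        raise ValueError("not a native-format squid log line")
    secs, _, frac = f[0].partition(".")
    # Integer arithmetic keeps the milliseconds exact (no float rounding).
    millis = int((frac + "000")[:3])
    when = datetime.fromtimestamp(int(secs), tz=timezone.utc).replace(
        microsecond=millis * 1000)
    result, _, status = f[3].partition("/")
    return SquidEntry(when, int(f[1]), f[2], result, int(status),
                      int(f[4]), f[5], f[6], f[7], f[8], f[9])

def readable(line: str) -> str:
    """Return the line with its epoch timestamp replaced by ISO 8601 UTC."""
    e = parse_line(line)
    return " ".join([e.when.isoformat(timespec="milliseconds"), *line.split()[1:]])

def convert(lines):
    """Yield readable lines, skipping blank, truncated or garbled input."""
    for line in lines:
        try:
            yield readable(line)
        except ValueError:
            continue

if __name__ == "__main__":
    import sys
    sys.stdout.writelines(out + "\n" for out in convert(sys.stdin))
```

Run as a filter, it reads an access log on standard input and writes the converted lines to standard output.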
