Date: Thu, 5 Jun 2003 12:21:26 +1000 (EST)
cc: freebsd-questions@freebsd.org
cc: keith@smmc.qld.edu.au
Subject: Solved!! > Re: How to analyse squid logs and weird time stamps

Hi..what legends are FBSD people!

Keith

> keith@smmc.qld.edu.au wrote:
> [ ... ]
>> 1049884671.477 240 10.0.1.121 TCP_HIT/200 744 GET
>> ftp://ftpav.ca.com/pub/inoculan/scaneng/Siglist.txt - NONE/-
>> text/plain ... Whoa!
>> Anyone know of a port to analyse this stuff and change what MIGHT be a
>> timestamp to something a mortal like me can read??
>
> Sure. Install /usr/ports/net/adns and /usr/ports/www/analog. Check out
> and update the analog config file in /usr/local/etc.
>
> cd to where your log files are, and DNS resolve the IPs via:
>
> adnslogres -c 20000 < access_log > access_log.dns
>
> ...then run analog against this (DNS-resolved) logfile, and it will
> generate lots of info. You can also do other things with the
> DNS-resolved logfile using other tools, but most of 'em will prefer to
> start with the output of adnslogres, so that step is worth doing.
>
> -Chuck
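
Added example, not part of the thread and not code from Squid, adns or analog: the first field of Squid's native access.log is a Unix epoch time (seconds, with a millisecond fraction), so the quoted line can be made readable and summarised per client with a few lines of Python. It assumes the ten whitespace-separated fields seen in the quoted line; the function names are illustrative, and the second and third sample lines are constructed.

```python
from collections import Counter
from datetime import datetime, timezone

# Field order of Squid's native access.log format, matching the quoted line.
FIELDS = ("time", "elapsed_ms", "client", "result", "bytes",
          "method", "url", "ident", "hierarchy", "content_type")

# First entry is the line quoted in the thread; the other two are constructed.
SAMPLE = [
    "1049884671.477 240 10.0.1.121 TCP_HIT/200 744 GET "
    "ftp://ftpav.ca.com/pub/inoculan/scaneng/Siglist.txt - NONE/- text/plain",
    "1049884680.9 15 10.0.1.122 TCP_DENIED/403 1024 GET http://example.org/ - NONE/- text/html",
    "truncated or corrupt line",
]

def parse_line(line):
    """Parse one line (time = epoch seconds.milliseconds); None if malformed."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    secs, _, frac = rec["time"].partition(".")
    try:
        millis = int(frac[:3].ljust(3, "0"))  # ".9" means 900 ms
        rec["when"] = datetime.fromtimestamp(int(secs), tz=timezone.utc).replace(microsecond=millis * 1000)
        rec["elapsed_ms"], rec["bytes"] = int(rec["elapsed_ms"]), int(rec["bytes"])
    except (ValueError, OverflowError, OSError):
        return None
    rec["cache_result"], _, rec["status"] = rec["result"].partition("/")
    return rec

def readable(line):
    """Same line with the epoch stamp replaced by an ISO 8601 UTC time."""
    rec = parse_line(line)
    if rec is None:
        return None
    return rec["when"].isoformat(timespec="milliseconds") + " " + line.split(None, 1)[1].rstrip()

def summarise(lines):
    """Bytes per client, requests per cache result, and count of skipped lines."""
    recs = [parse_line(l) for l in lines]
    by_client, by_result = Counter(), Counter()
    for r in filter(None, recs):
        by_client[r["client"]] += r["bytes"]
        by_result[r["cache_result"]] += 1
    return by_client, by_result, recs.count(None)

if __name__ == "__main__":
    print("\n".join(readable(l) or "SKIPPED: " + l for l in SAMPLE))
```

Times are printed in UTC so entries from different proxies line up; convert to local time only for display.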