Where are my web log files?

uoba

uoba

Re: member
Hello

Just downloaded Analog to use for web logging, but, where are my web log files stored, and how do I get them to work in Analog?

[EDIT]:

OK, I've found an access_log for Apache, here's an additional question:

Looking through the list of connections, I can see my machines own number when testing web pages internally (this is my home machine I'm testing on), however there seems to be a few ip addresses that are not mine, with some dodgy looking paths on there, what do you think:

212.0.132.10 - - [21/May/2002:00:02:30 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276
212.0.132.10 - - [21/May/2002:00:02:32 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274
212.0.132.10 - - [21/May/2002:00:02:33 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
212.0.132.10 - - [21/May/2002:00:02:35 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
212.0.132.10 - - [21/May/2002:00:02:36 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298

and also...

62.3.17.158 - - [26/May/2002:10:52:30 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276
62.3.17.158 - - [26/May/2002:10:52:32 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274
62.3.17.158 - - [26/May/2002:10:52:34 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
62.3.17.158 - - [26/May/2002:10:52:36 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
62.3.17.158 - - [26/May/2002:10:52:37 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298

I gather from the information it's a Windows search, but is it someone trying there chances (these hark back to when I was still sorting out the network, I haven't had such logs since the Firewall and router was configured)?
 
HeHeHeHeHe

some turkeys actually use windows, you know...

On top of that they are ppp users and they have IIS personal webserver enabled by default ...and... the have been infected by either code red, nimda or <FLAVOR OF THE WEEK> web worm/virus for windows then their pathethic excuse for an operating system allows the machine to continuously search the web for other possible inhabitible environments which your machine is not one of....

Additionally, those users are so out of it that not only they never notice that the perfomace of the machine is hampered, but they never ever read any announcements on the net. which are all at least 10 or 12 months old:
Warning the jerks to go to microsoft every 30 minutes to download the latest patch software.

But who has time for that anyway since all of their on-line time is spent searching yahoo for kiddie porn...

those probes to your machine are not only dodgy, they are perverse...evil.

and speaking of evil M$ now has the perfect solution

the project is called Palladium but they will change the name to MSgimmeeyourwallet and put on these MShandcuffs

One more product is planned which will be called MSkickOpenSourceintheBallser which really has nothing to do with online security but is a good bit of fun while you wait for MShandcuffs to verify your keys.....

those bogus requests won't hurt you but they may annoy the hell out of you.
------------------------------------------
M$ has no business on the .NET so they have decided to become information highwaymen
 
That's made me feel better:D ...

I traced one of the ip's to a Egyptian companies web site, and another to a Windows Server login page. Oh well.
 
i get hundreds of requests like that a week. stupid code red. i hate how it clogs up my logs....


uoba, how about analog? it rocks, right!
 
but I ain't figured out how to get it to automatically read my Apache log file without first copying it to the desktop and placing it into the Analog folder!

Also, (but I haven't really looked properly yet) the log for things like users systems and browser etc wasn't apparent.

But it works just nice;)
 
Hi,

A couple of questions concerning the server logs. I am running OS X 1.5.1.

I was able to find the files at /var/log/httpd/ by using terminal.

(1) How do I copy/move these files so I can run an application (Summary) to analyze the logs? I tried stopping the server and copying, but I did not have privileges to save the file. I was operating from an administrative account. It obviously doesn't have the privileges I need.

Does the server have to be stopped to copy the logs?

Based on previous comment, do I just save them to desktop space? Is this done only in terminal or can I navigate to these files using the UI?

Does anyone have a routine that copies/renames the files for periodic traffic reporting and then start the logging again. I'd like to grab weekly statistics and analyze them.

Many thanks,

Howard
 
You must log in or register to reply here.
Back
Top