115
118
Examples of used platforms (bold means 'tested by author', others were reported by AWStats users to work correctly) :<br>
116
119
<table bgcolor=#F4F4F4 width="100%" class=CFAQ><tr class=CFAQ><td class=CFAQ>
118
<b>Windows 2000</b>, <b>Windows NT 4.0</b>, Windows Me, <b>Linux (RedHat, Mandrake, Debian, Suse...)</b>, Macintosh, <b>Solaris</b>, <b>Aix</b>, BeOS, ...<br>
121
<b>Windows 2000</b>, <b>Windows NT 4.0</b>, Windows Me, <b>Linux (RedHat, Mandrake, Debian, Suse...)</b>, Macintosh, <b>Solaris</b>, <b>Aix</b>, BeOS, FreeBSD, ...<br>
119
122
<u>Web/Wap/Proxy/Streaming servers</u><br>
120
123
<b>Apache 1.3.x and 2.x</b>, <b>IIS 5.0 and 6.0</b>, WebStar, WebLogic, WebSite, <b>Windows Media Server</b>, Tomcat, <b>Squid</b>,
121
124
Sambar, Roxen, Resin, RealMedia server, Oracle9iAS, <b>Lotus Notes/Domino</b>, Darwin, IPlanet, IceCast, ZeroBrand, Zeus, Zope, Abyss...<br>
122
125
<u>FTP servers</u><br>
123
<b>ProFTP</b>, ...<br>
126
<b>ProFTPd</b>, vsFTPd...<br>
124
127
<u>Mails servers</u><br>
125
128
<b>Postfix</b>, <b>Sendmail</b>, QMail, <b>Mdaemon</b>, www4mail, ...<br>
126
129
<u>Perl interpreters (all Perl >= 5.005):</u><br>
171
175
Icelandic=is, Indonesian=id, Italian=it, Japanese=jp, Korean=kr,
172
176
Latvian=lv, Norwegian (Nynorsk)=nn, Norwegian (Bokmal)=nb, Polish=pl,
173
177
Portuguese=pt, Portuguese (Brazilian)=br, Romanian=ro, Russian=ru,
174
Serbian=sr, Slovak=sk, Spanish=es, Swedish=se, Turkish=tr, Ukrainian=ua,
178
Serbian=sr, Slovak=sk, Solvenian=si, Spanish=es, Swedish=se, Thai=th,
179
Turkish=tr, Ukrainian=ua, Welsh=cy.
176
180
</td></tr></table>
178
182
However, AWStats documentation is only provided in English.<br>
179
183
But, you may find small documentation for other languages made by contributors on
180
184
<a href="http://awstats.sourceforge.net/awstats_contrib.html#DOC">Documentation Contrib page</a>.<br>
186
If your language is not in this list, you can translate it yourself. For this, find what is your
187
2 letter language code: <a href="http://www.oasis-open.org/cover/iso639a.html">here</a>.<br>
188
Once, you get it, for example "gl" for Galician, copy the file awstats-en.txt into awstats-<i>gl</i>.txt,
189
in langs directory and translate every sentences inside. You can do same for files inside
190
tooltips_f, tooltips_m and tooltips_w sub-directories. Then send your translated file(s) to eldy@users.sourceforge.net.<br>
183
193
<a name="PHPNUKE"></a><br>
184
194
<b><u>FAQ-ABO250 : CAN AWSTATS BE INTEGRATED WITH PHP NUKE ?</u></b><br>
185
I don't know any plan to make an Add-On for PHPNuke to include AWStats, for the moment.
186
But this can change. You should ask to have a such Add-On to PHPNuke authors, and on PHPNuke forums.<br>
195
The only plugin I know to integrate AWStats inside PHPNuke is here: <a href="http://phpnuke.org/modules.php?name=News&file=article&sid=7041">PhpNuke addon for AWStats</a><br>
295
306
Now you can use AWStats as usual (run the update process and read statistics).<br>
309
<u>With vsFTPd, or any FTP server that log with xferlog format</u>:<br>
311
1- Check your server log file format:<br>
313
Take a look at your FTP server log file. You must have a format that match the following example to
315
<table width="95%" border=1 cellpadding=0 cellspacing=0><tr class=CFAQ><td class=CFAQ>
316
<i>Wed Jan 01 19:29:35 2001 1 192.168.1.1 102 /home/file1.txt b _ o r username ftp 0 * c</i>
319
2- Then setup AWStats to analyze the FTP log file:<br>
321
If your FTP log file format looks good, copy config file "awstats.model.conf" to "awstats.ftp.conf".<br>
322
Modify this new config file:
323
<table width="95%" border=1 cellpadding=0 cellspacing=0><tr class=CFAQ><td class=CFAQ>
325
LogFile="/var/log/xferlog"
327
<br>LogFormat="%time3 %other %host %bytesd %url %other %other %method %other %logname %other %code %other %other"
328
<br>LogSeparator="\s"
330
<br>LevelForBrowsersDetection=0
331
<br>LevelForOSDetection=0
332
<br>LevelForRefererAnalyze=0
333
<br>LevelForRobotsDetection=0
334
<br>LevelForWormsDetection=0
335
<br>LevelForSearchEnginesDetection=0
338
<br>ShowMonthStats=UVHB
339
<br>ShowDaysOfMonthStats=HB
340
<br>ShowDaysOfWeekStats=HB
341
<br>ShowHoursStats=HB
342
<br>ShowDomainsStats=HB
343
<br>ShowHostsStats=HBL
344
<br>ShowAuthenticatedUsers=HBL
345
<br>ShowRobotsStats=0
346
<br>ShowEMailSenders=0
347
<br>ShowEMailReceivers=0
348
<br>ShowSessionsStats=1
349
<br>ShowPagesStats=PBEX
350
<br>ShowFileTypesStats=HB
351
<br>ShowFileSizesStats=0
352
<br>ShowBrowsersStats=0
354
<br>ShowOriginStats=0
355
<br>ShowKeyphrasesStats=0
356
<br>ShowKeywordsStats=0
358
<br>ShowHTTPErrorsStats=0
359
<br>ShowSMTPErrorsStats=0
360
</i></td></tr></table>
362
Now you can use AWStats as usual (run the update process and read statistics).<br>
298
366
<a name="MAIL"></a><br>
299
<b><u>FAQ-COM100 : SETUP FOR MAIL LOG FILES (POSTFIX, SENDMAIL, QMAIL, MDAEMON, EXCHANGE...)</u></b><br>
367
<b><u>FAQ-COM100 : SETUP FOR MAIL LOG FILES (Postfix, Sendmail, Qmail, MDaemon, Exchange...)</u></b><br>
300
368
<font class=CProblem>PROBLEM:</font><br>
301
What do I have to do to use AWStats to analyze my mail log files.<br>
369
What do I have to do to use AWStats to analyze my mail log files ?<br>
302
370
<font class=CSolution>SOLUTION:</font><br>
304
372
This tip works with AWStats 5.5 or higher.<br>
370
438
Despite the high number of possible log format provided with Exchange,
371
439
none of them is built enough seriously to offer an interseting analyze (missing informations,
372
440
messy data, no id to join multiple records for same mail, etc...).
373
For this reason, an "interesting" log analysis is a joke with Exchange log files (No data is
374
better than false data). So forget using AWStats or use a more serious mail server (sendmail,
375
postfix, qmail, mdaemon, ...). Sorry.<br>
377
Your Exchange mail log file might looks like this:<br>
378
<i>2002-9-29 0:3:2 GMT - - - S_EXCHANG01 - /O=INVESTMENT SCORECARD INC/OU=MAIL/CN=RECIPIENTS/CN=KJOHNSON 1027 1640EF7202084243942C5EC620117D376B68AA@s_exchang01.investmentscorecard.com 0 0 1943 2 2002-9-29 0:3:2 GMT 0 - c=US;a= ;p=Investment Score;l=S_EXCHANG01-020929000302Z-2583 Dev Request Late Notification: KS_CM00004271 EX:/O=INVESTMENT SCORECARD INC/OU=MAIL/CN=RECIPIENTS/CN=CLEARQUEST(KS_CM) -</i><br>
379
Copy config awstats.model.conf file to "awstats.mail.conf".<br>
441
For this reason, an "exact" log analysis is a joke with Exchange log files.
442
However a little support is provided. In order to analyze Exchange traffic, you have to
443
enable "Message Tracking" (see article http://support.microsoft.com/default.aspx?scid=kb;EN-US;246856).<br>
444
Then copy config awstats.model.conf file to "awstats.mail.conf".<br>
380
445
Modify this new config file:
446
<table width="95%" border=1 cellpadding=0 cellspacing=0><tr class=CFAQ><td class=CFAQ>
382
<br>LogFile="yourmaillogfilename"
383
<br>LogFormat="%time2 %other %host %other %other %other %email %method %other %url %code %bytesd %other %other %other %other %other %other %email_r"
384
<br>LogSeparator="\t"
449
<br>LogFormat="%time2 %email %email_r %host %host_r %method %url %code %bytesd"
450
<br>LevelForBrowsersDetection=0
451
<br>LevelForOSDetection=0
452
<br>LevelForRefererAnalyze=0
453
<br>LevelForRobotsDetection=0
454
<br>LevelForWormsDetection=0
455
<br>LevelForSearchEnginesDetection=0
456
<br>LevelForFileTypesDetection=0
458
<br>ShowMonthStats=HB
459
<br>ShowDaysOfMonthStats=HB
460
<br>ShowDaysOfWeekStats=HB
461
<br>ShowHoursStats=HB
462
<br>ShowDomainsStats=0
463
<br>ShowHostsStats=HBL
464
<br>ShowAuthenticatedUsers=0
465
<br>ShowRobotsStats=0
466
<br>ShowEMailSenders=HBML
467
<br>ShowEMailReceivers=HBML
468
<br>ShowSessionsStats=0
470
<br>ShowFileTypesStats=0
471
<br>ShowFileSizesStats=0
472
<br>ShowBrowsersStats=0
474
<br>ShowOriginStats=0
475
<br>ShowKeyphrasesStats=0
476
<br>ShowKeywordsStats=0
478
<br>ShowHTTPErrorsStats=0
479
<br>ShowSMTPErrorsStats=1
484
Also don't forget that with Exchange, informations in a log analyses can't be exact.
485
Do not send any questions or requests for using AWStats with Exchange, this is not a problem in
486
AWStats and we have no time to support non opened products.<br>
487
If you want to have complete and accurate information with Exchange, forget using AWStats or use a
488
more serious mail serveur (Postfix, Sendmail, QMail...)<br>
388
491
<a name="MEDIASERVER"></a><br>
389
<b><u>FAQ-COM110 : SETUP FOR A MEDIA SERVER (REALMEDIA, WINDOWS MEDIA SERVER)</u></b><br>
492
<b><u>FAQ-COM110 : SETUP FOR A MEDIA SERVER (REALMEDIA, WINDOWS MEDIA SERVER, DARWIN STREAMING SERVER)</u></b><br>
390
493
<font class=CProblem>PROBLEM:</font><br>
391
494
What do I have to do to use AWStats to analyze my Media Server log files.<br>
392
495
<font class=CSolution>SOLUTION:</font><br>
769
872
log files but that are only one page "viewed".<br>
772
If you want to check how serious is your log analyzer, try to parse the following log file:<br>
875
If you want to check how serious is your log analyzer, try to parse the following log file.
876
It's a very common log file but results will show you how bad are most log analyzers (above
877
all commercial products):<br>
773
878
<table width="95%" border=1 cellpadding=0 cellspacing=0><tr class=CFAQ><td class=CFAQ>
774
879
<i><font style="font: 8px verdana,arial,helvetica">
775
<br># This is a sample of log file that contains a lot of various data we can find
776
<br># in a log file. Great sample to test reliability and accuracy of any log
778
<br># ----------------------------------------------------------------------------
779
<br># This sample log file contains 10 differents IPs that are :
780
<br># 6 human visits done, by 5 different true visitors
781
<br># 1 proxy visit done, by one of the 5 true visitors
782
<br># 1 try of a 6th human visit failed because of wrong url
785
<br># 1 add to favourites (two hits but first is non root hit with error)
786
<br># ----------------------------------------------------------------------------
787
<br># 80.8.55.1 2 visits (start at 00:00:00 and at 12:00:00 with both entry page on /)
788
<br># 80.8.55.2 this is not a visit, only an image included into a page of an other site
789
<br># 80.8.55.3 1 visit (and add home page to favourites)
790
<br># 80.8.55.4 same visitor than 80.8.55.3 using aol proxy
791
<br># 80.8.55.5 not a visit (but a bot indexing)
792
<br># 80.8.55.6 1 visit (authenticated visitor)
793
<br># 80.8.55.7 1 visit (authenticated visitor with space in name)
794
<br># 80.8.55.8 not a visit (try but failed twice with 404 and 405 error)
795
<br># 80.8.55.9 not a visit (but a worm attack)
796
<br># 80.8.55.10 1 visit that come from web page not search engines
799
<br>80.8.55.1 - - [01/Jan/2001:00:00:10 +0100] "GET /page1.html HTTP/1.0" 200 7009 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
800
<br>80.8.55.1 - - [01/Jan/2001:00:00:00 +0100] "GET / HTTP/1.0" 200 7009 "http://www.sitereferer/cgi-bin/search.pl?q=a" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
801
<br>80.8.55.1 - - [01/Jan/2001:00:00:20 +0100] "GET /page2.cgi HTTP/1.0" 200 7009 "http://localhost/page1.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
802
<br>80.8.55.1 - - [01/Jan/2001:00:00:25 +0100] "GET /page3 HTTP/1.0" 200 7009 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
803
<br>80.8.55.1 - - [01/Jan/2001:00:00:30 +0100] "GET /image.gif HTTP/1.0" 200 7009 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
804
<br>80.8.55.1 - - [01/Jan/2001:00:00:35 +0100] "GET /image2.png HTTP/1.0" 200 7009 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
805
<br>80.8.55.1 - - [01/Jan/2001:00:00:40 +0100] "GET /dir/favicon.ico HTTP/1.0" 404 299 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
806
<br>80.8.55.1 - - [01/Jan/2001:00:00:40 +0100] "GET /favicon.ico HTTP/1.0" 200 299 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
807
<br>80.8.55.1 - - [01/Jan/2001:12:00:00 +0100] "GET / HTTP/1.0" 200 7009 "http://WWW.SiteRefereR:80/cgi-bin/azerty.pl?q=a" "Mozilla/4.7 [fr] (Win95; I)"
808
<br>80.8.55.1 - - [01/Jan/2001:12:00:10 +0100] "GET /page1.html HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
809
<br>80.8.55.1 - - [01/Jan/2001:12:00:20 +0100] "GET /page2.cgi HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
810
<br>80.8.55.1 - - [01/Jan/2001:12:00:25 +0100] "GET /page3 HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
811
<br>80.8.55.1 - - [01/Jan/2001:12:00:30 +0100] "GET /image.gif HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
812
<br>80.8.55.1 - - [01/Jan/2001:12:00:35 +0100] "GET /image2.png HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
813
<br>80.8.55.1 - - [01/Jan/2001:12:00:40 +0100] "GET /js/awstats_misc_tracker.js HTTP/1.1" 200 4998 "-" "Mozilla/4.7 [fr] (Win95; I)"
814
<br>80.8.55.1 - - [01/Jan/2001:12:00:45 +0100] "GET /js/awstats_misc_tracker.js?SCREEN=1024x768&CDI=32&JAVA=true&UC=UserCode1056710428488r6832&SC=SessionCode1056710428488r6832&SHK=N&FLA=Y&RP=N&MOV=N&WMA=Y&PDF=Y HTTP/1.1" 200 4998 "-" "Mozilla/4.7 [fr] (Win95; I)"
816
<br>80.8.55.2 - - [01/Jan/2001:12:01:00 +0100] "GET /hitfromothersitetoimage.gif HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312"
818
<br>80.8.55.3 - - [01/Jan/2001:12:01:10 +0100] "GET / HTTP/1.0" 200 7009 "http://www.sitereferer:81/cgi-bin/azerty.pl" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
819
<br>80.8.55.3 - - [01/Jan/2001:12:01:15 +0100] "GET /page1.html HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
820
<br>80.8.55.3 - - [01/Jan/2001:12:01:20 +0100] "GET /page2.cgi?x=a&family=a&y=b&familx=x HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
821
<br>80.8.55.3 - - [01/Jan/2001:12:01:25 +0100] "GET /page3 HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
822
<br>80.8.55.3 - - [01/Jan/2001:12:01:30 +0100] "GET /image.gif HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
823
<br>80.8.55.3 - - [01/Jan/2001:12:01:35 +0100] "GET /image2.png HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
825
<br>80.8.55.4 - - [01/Jan/2001:12:01:45 +0100] "GET /samevisitorthan80.8.55.3usingaolproxy.gif HTTP/1.0" 200 7009 "-" "Mozilla/3.0 (Windows 98; U) Opera 6.03"
827
<br>80.8.55.5 - - [01/Jan/2001:12:02:00 +0200] "GET /robots.txt HTTP/1.0" 200 299 "-" "GoogleBot"
828
<br>80.8.55.5 - - [01/Jan/2001:12:02:05 +0200] "GET / HTTP/1.0" 200 7009 "-" "GoogleBot"
830
<br>80.8.55.6 - john [01/Jan/2001:13:00:00 +0100] "GET /cgi-bin/order.cgi?x=a&family=a&productId=998&titi=i&y=b&y=b HTTP/1.0" 200 7009 "http://www.google.com/search?sourceid=navclient&ie=utf-8&oe=utf-8&q=ma%C3%AEtre" "SAGEM-myX-5m/1.0_UP.Browser/6.1.0.6.1.103_(GUI)_MMP/1.0_(Google_WAP_Proxy/1.0)"
831
<br>80.8.55.6 - john [01/Jan/2001:13:00:00 +0100] "GET /cgi-bin/order.cgi?x=a&family=a&productId=998&titi=i&y=b&y=b HTTP/1.0" 200 7009 "http://www.google.com/search?sourceid=navclient&ie=utf-8&oe=utf-8&q=�l�ve" "SAGEM-myX-5m/1.0_UP.Browser/6.1.0.6.1.103_(GUI)_MMP/1.0_(Google_WAP_Proxy/1.0)"
833
<br>80.8.55.7 - John Begood [01/Jan/2001:13:01:00 +0100] "GET /cgi-bin/order.cgi;family=f&type=t&productId=999&titi=i#BIS HTTP/1.0" 200 7009 "-" "Mozilla/3.01 (compatible;)"
835
<br>80.8.55.8 - - [01/Jan/2001:14:01:20 +0100] "GET /404notfoundpage.html?paramnotpagefound=valparamnotpagefound HTTP/1.0" 404 0 "http://refererto404nofoundpage/pageswithbadlink.html?paramrefnotpagefound=valparamrefnotpagefound" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
836
<br>80.8.55.8 - - [01/Jan/2001:14:01:20 +0100] "GET /405error.html HTTP/1.0" 405 0 "http://refererto405error/pagesfrom405.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
838
<br>80.8.55.9 - - [01/Jan/2001:15:00:00 +0200] "GET /default.ida?XXXXXXXXXXXXXXXXXX%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 299 "-" "-"
840
<br>80.8.55.10 - - [01/Jan/2001:16:00:00 -0300] "GET / HTTP/1.1" 200 70476 "http://us.f109.mail.yahoo.com/ym/ShowLetter?box=Inbox&MoreYahooParams..." "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; Hotbar 4.2.8.0)"
841
<br>80.8.55.10 - - [01/Jan/2001:17:00:00 -0300] "GET /page1.html HTTP/1.1" 200 70476 "http://www.freeweb.hu/icecat/filmek/film04.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; Hotbar 4.2.8.0)"
842
<br>80.8.55.10 - - [01/Jan/2001:18:00:00 -0300] "GET /cgi-bin/awredir.pl?url=http://xxx.com/aa.html HTTP/1.1" 302 70476 "http://us.f109.mail.yahoo.com/ym/ShowLetter?box=Inbox&MoreYahooParams..." "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; Hotbar 4.2.8.0)"
880
<br># This is a sample of log file that contains a lot of various data we can find
881
<br># in a log file. Great sample to test reliability and accuracy of any log
883
<br># ----------------------------------------------------------------------------
884
<br># This sample log file contains 10 differents IPs that are :
885
<br># 6 human visits, done by 5 different true visitors
886
<br># 1 proxy visit, done by one of the 5 true visitors
887
<br># 1 try of a 6th human visit failed because of wrong url (He saw nothing)
888
<br># 1 bot visit to index your site
890
<br># 1 add to favourites (two hits but first is non root hit with error meaning it's same "add")
891
<br># ----------------------------------------------------------------------------
892
<br># 80.8.55.1 2 visits (start at 00:00:00 and at 12:00:00 with both entry page on /)
893
<br># 80.8.55.2 this is not a visit, only an image included into a page of an other site
894
<br># 80.8.55.3 1 visit (and add home page to favourites)
895
<br># 80.8.55.4 same visitor than 80.8.55.3 using aol proxy
896
<br># 80.8.55.5 not a visit (but a bot indexing)
897
<br># 80.8.55.6 1 visit (authenticated visitor)
898
<br># 80.8.55.7 1 visit (authenticated visitor with space in name)
899
<br># 80.8.55.8 not a visit (try but failed twice with 404 and 405 error)
900
<br># 80.8.55.9 not a visit (but a worm attack)
901
<br># 80.8.55.10 1 visit that come from a web page that is not a search engine
903
<br>80.8.55.1 - - [01/Jan/2001:00:00:10 +0100] "GET /page1.html HTTP/1.0" 200 7009 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
904
<br>80.8.55.1 - - [01/Jan/2001:00:00:00 +0100] "GET / HTTP/1.0" 200 7009 "http://www.sitereferer/cgi-bin/search.pl?q=a" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
905
<br>80.8.55.1 - - [01/Jan/2001:00:00:20 +0100] "GET /page2.cgi HTTP/1.0" 200 7009 "http://localhost/page1.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
906
<br>80.8.55.1 - - [01/Jan/2001:00:00:25 +0100] "GET /page3 HTTP/1.0" 200 7009 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
907
<br>80.8.55.1 - - [01/Jan/2001:00:00:30 +0100] "GET /image.gif HTTP/1.0" 200 7009 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
908
<br>80.8.55.1 - - [01/Jan/2001:00:00:35 +0100] "GET /image2.png HTTP/1.0" 200 7009 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
909
<br>80.8.55.1 - - [01/Jan/2001:00:00:40 +0100] "GET /dir/favicon.ico HTTP/1.0" 404 299 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
910
<br>80.8.55.1 - - [01/Jan/2001:00:00:40 +0100] "GET /favicon.ico HTTP/1.0" 200 299 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
911
<br>80.8.55.1 - - [01/Jan/2001:12:00:00 +0100] "GET / HTTP/1.0" 200 7009 "http://WWW.SiteRefereR:80/cgi-bin/azerty.pl?q=a" "Mozilla/4.7 [fr] (Win95; I)"
912
<br>80.8.55.1 - - [01/Jan/2001:12:00:10 +0100] "GET /page1.html HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
913
<br>80.8.55.1 - - [01/Jan/2001:12:00:20 +0100] "GET /page2.cgi HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
914
<br>80.8.55.1 - - [01/Jan/2001:12:00:25 +0100] "GET /page3 HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
915
<br>80.8.55.1 - - [01/Jan/2001:12:00:30 +0100] "GET /image.gif HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
916
<br>80.8.55.1 - - [01/Jan/2001:12:00:35 +0100] "GET /image2.png HTTP/1.0" 200 7009 "-" "Mozilla/4.7 [fr] (Win95; I)"
917
<br>80.8.55.1 - - [01/Jan/2001:12:00:40 +0100] "GET /js/awstats_misc_tracker.js HTTP/1.1" 200 4998 "-" "Mozilla/4.7 [fr] (Win95; I)"
918
<br>80.8.55.1 - - [01/Jan/2001:12:00:45 +0100] "GET /js/awstats_misc_tracker.js?SCREEN=1024x768&CDI=32&JAVA=true&UC=UserCode1056710428488r6832&SC=SessionCode1056710428488r6832&SHK=N&FLA=Y&RP=N&MOV=N&WMA=Y&PDF=Y HTTP/1.1" 200 4998 "-" "Mozilla/4.7 [fr] (Win95; I)"
920
<br>80.8.55.2 - - [01/Jan/2001:12:01:00 +0100] "GET /hitfromothersitetoimage.gif HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312"
922
<br>80.8.55.3 - - [01/Jan/2001:12:01:10 +0100] "GET / HTTP/1.0" 200 7009 "http://www.sitereferer:81/cgi-bin/azerty.pl" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
923
<br>80.8.55.3 - - [01/Jan/2001:12:01:15 +0100] "GET /page1.html HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
924
<br>80.8.55.3 - - [01/Jan/2001:12:01:20 +0100] "GET /page2.cgi?x=a&family=a&y=b&familx=x HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
925
<br>80.8.55.3 - - [01/Jan/2001:12:01:25 +0100] "GET /page3 HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
926
<br>80.8.55.3 - - [01/Jan/2001:12:01:30 +0100] "GET /image.gif HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
927
<br>80.8.55.3 - - [01/Jan/2001:12:01:35 +0100] "GET /image2.png HTTP/1.0" 200 7009 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5a) Gecko/20030728 Mozilla Firebird/0.6.1"
929
<br>80.8.55.4 - - [01/Jan/2001:12:01:45 +0100] "GET /samevisitorthan80.8.55.3usingaolproxy.gif HTTP/1.0" 200 7009 "-" "Mozilla/3.0 (Windows 98; U) Opera 6.03"
931
<br>80.8.55.5 - - [01/Jan/2001:12:02:00 +0200] "GET /robots.txt HTTP/1.0" 200 299 "-" "GoogleBot"
932
<br>80.8.55.5 - - [01/Jan/2001:12:02:05 +0200] "GET / HTTP/1.0" 200 7009 "-" "GoogleBot"
934
<br>80.8.55.6 - john [01/Jan/2001:13:00:00 +0100] "GET /cgi-bin/order.cgi?x=a&family=a&productId=998&titi=i&y=b&y=b HTTP/1.0" 200 7009 "http://www.google.com/search?sourceid=navclient&ie=utf-8&oe=utf-8&q=ma%C3%AEtre" "SAGEM-myX-5m/1.0_UP.Browser/6.1.0.6.1.103_(GUI)_MMP/1.0_(Google_WAP_Proxy/1.0)"
935
<br>80.8.55.6 - john [01/Jan/2001:13:00:00 +0100] "GET /cgi-bin/order.cgi?x=a&family=a&productId=998&titi=i&y=b&y=b HTTP/1.0" 200 7009 "http://www.google.com/search?sourceid=navclient&ie=utf-8&oe=utf-8&q=�l�ve" "SAGEM-myX-5m/1.0_UP.Browser/6.1.0.6.1.103_(GUI)_MMP/1.0_(Google_WAP_Proxy/1.0)"
937
<br>80.8.55.7 - John Begood [01/Jan/2001:13:01:00 +0100] "GET /cgi-bin/order.cgi;family=f&type=t&productId=999&titi=i#BIS HTTP/1.0" 200 7009 "-" "Mozilla/3.01 (compatible;)"
939
<br>80.8.55.8 - - [01/Jan/2001:14:01:20 +0100] "GET /404notfoundpage.html?paramnotpagefound=valparamnotpagefound HTTP/1.0" 404 0 "http://refererto404nofoundpage/pageswithbadlink.html?paramrefnotpagefound=valparamrefnotpagefound" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
940
<br>80.8.55.8 - - [01/Jan/2001:14:01:20 +0100] "GET /405error.html HTTP/1.0" 405 0 "http://refererto405error/pagesfrom405.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
942
<br>80.8.55.9 - - [01/Jan/2001:15:00:00 +0200] "GET /default.ida?XXXXXXXXXXXXXXXXXX%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 299 "-" "-"
944
<br>80.8.55.10 - - [01/Jan/2001:16:00:00 -0300] "GET / HTTP/1.1" 200 70476 "http://us.f109.mail.yahoo.com/ym/ShowLetter?box=Inbox&MoreYahooParams..." "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; Hotbar 4.2.8.0)"
945
<br>80.8.55.10 - - [01/Jan/2001:17:00:00 -0300] "GET /page1.html HTTP/1.1" 200 70476 "http://www.freeweb.hu/icecat/filmek/film04.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; Hotbar 4.2.8.0)"
946
<br>80.8.55.10 - - [01/Jan/2001:18:00:00 -0300] "GET /cgi-bin/awredir.pl?url=http://xxx.com/aa.html HTTP/1.1" 302 70476 "http://us.f109.mail.yahoo.com/ym/ShowLetter?box=Inbox&MoreYahooParams..." "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; Hotbar 4.2.8.0)"
844
948
</td></tr></table><br>
845
949
<u>This is what you should find:</u><br>
846
950
6 true human visits<br>
847
951
5 different true visitors<br>
850
954
The entry pages for true visits should be "/" (even for 80.8.55.1) or "/cgi-bin/order.cgi" but nothing else.<br>
955
Note: I did not find any commercial log analyzer that can deal such a common log file correctly, so if you find, let me know !<br>
854
958
<a name="DIFFERENCE_HOURS"></a><br>
908
1012
<a name="MULTILOG"></a><br>
1013
<b><u>FAQ-COM360 : HOW CAN I PROCESS SEVERAL LOG FILES IN ONE RUN ?</u></b><br>
1014
<font class=CProblem>PROBLEM:</font><br>
1015
How can I update my statistics for several log file, in one run ?<br>
1016
<font class=CSolution>SOLUTION:</font><br>
1017
A solution should be to setup your config file with something like:<br>
1018
<i>LogFile=mylog*.log</i><br>
1019
However, with such a syntax, AWStats can't know in wich order processing log files (wich log file is the first, next or last). So
1020
to work like this you must use the following syntax:<br>
1021
<i>LogFile="/pathto/logresolvemerge.pl mylog*.log |"</i><br>
1022
<a href="awstats_tools.html#logresolvemerge">Logresolvemerge</a> is a tool provided with
1023
AWStats (in tools directory) that merge several log files on the fly sending line by line always the older record
1024
from a list of several log files. Using such a tool as a pipe source for AWStats <a href="awstats_config.html#LogFile">LogFile</a>
1025
parameter is a very good solution because, it allows you to merge log files whatever their size
1026
with no memory use, no hard disk use (no temporary files built), it is fast, it prevents
1027
you from a bad order if your log files are not correctly ordered, etc...<br>
1028
This tool can also be used to process log files from load balanced systems (see <a href="awstats_faq.html#LOADLOG">FAQ-COM400</a>)<br>
1031
<a name="LOADLOG"></a><br>
909
1032
<b><u>FAQ-COM400 : HOW CAN I UPDATE MY STATISTICS WHEN I USE A LOAD BALANCING SYSTEM THAT SPLITS MY LOGS ?</u></b><br>
910
1033
<font class=CProblem>PROBLEM:</font><br>
911
1034
How can I update my statistics when i use a load balancing system that split my logs ?<br>
912
1035
<font class=CSolution>SOLUTION:</font><br>
913
The best solution is to merge all split log files resulted from all your load balanced servers into one. For this, you can use
914
the <a href="awstats_config.html#logresolvemerge">logresolvemerge</a> tool provided with AWStats :<br>
1036
First solution is to merge all split log files resulted from all your load balanced servers into one. For this, you can use
1037
the <a href="awstats_tools.html#logresolvemerge">logresolvemerge</a> tool provided with AWStats :<br>
915
1038
<i>logresolvemerge.pl file1.log file2.log ... filen.log > newfiletoprocess.log</i><br>
916
1039
And setup the <a href="awstats_config.html#LogFile">LogFile</a> parameter in your config file to process the <i>newfiletoprocess.log</i> file or use
917
the <i>-logfile</i> command line option to overwrite <a href="awstats_config.html#LogFile">LogFile</a> value.<br>
1040
the <i>-LogFile</i> command line option to overwrite <a href="awstats_config.html#LogFile">LogFile</a> value.<br>
1041
As an other solution, if you miss disk space, or to save time, you can ask <a href="awstats_tools.html#logresolvemerge">logresolvemerge</a>
1042
to merge log files on the fly during the AWStats update process. For this, you can use the following syntax in your AWStats config file:<br>
1043
<i>LogFile="/pathto/logresolvemerge.pl file*.log |"</i><br>
1044
See also <a href="awstats_faq.html#MULTILOG">FAQ-COM360</a> for explanation on logresolvemerge use.<br>
920
1047
<a name="RESET"></a><br>
1183
1312
of log files.<br>
1184
1313
If this is because the date is invalid, you might have a problem of date not computed correctly
1185
1314
this it happens in some Pentium4/Xeon4 processors:<br>
1186
On some (few) Intel Pentium4 (also Xeon4) based host systems, log file time can not be computed
1187
correctly. This is not an issue of AWStats itself. This error usually occurs on source-based linux
1188
distributions (gentoo, slackware etc.), where all system libraries are compiled with CPU optimization.
1189
AWStats is a highly developed PERL application. PERL itself relies on some system libraries,
1190
for example GLIBC. The GLIBC library usually is buggy in this case. There is an easy way to figure
1191
out whether the problem described here is responsible for AWStats problems on your system:<br>
1192
If you have shell access to your machine, simply type the following command:<br>
1193
<i>perl -e "print int ('541234567891011165415658')"</i><br>
1194
(NOTE: any 25-digit number works, there is no need to type this exact number)<br>
1195
If everything goes fine, you should see a floating point number as output:<br>
1196
<i>5.41234567891011e+23</i><br>
1197
In this case, please do more research on your log file formats. Your host system itself is not
1198
responsible for the error.<br>
1199
But if simply a "0" returns or some other error, this is an indication of your glibc beeing corrupt.<br>
1200
ATTENTION: The only solution in this case might be to recompile your GLIBC. This can be a quite tricky
1201
task. Please consult the documentation and F.A.Q.s of your linux distribution first!! (experts: first
1315
On some (few) Intel Pentium4 (also Xeon4) based host systems, log file time can not be computed
1316
correctly. This is not an issue of AWStats itself. This error usually occurs on source-based linux
1317
distributions (gentoo, slackware etc.), where all system libraries are compiled with CPU optimization.
1318
AWStats is a highly developed PERL application. PERL itself relies on some system libraries,
1319
for example GLIBC. The GLIBC library usually is buggy in this case. There is an easy way to figure
1320
out whether the problem described here is responsible for AWStats problems on your system:<br>
1321
If you have shell access to your machine, simply type the following command:<br>
1322
<i>perl -e "print int ('541234567891011165415658')"</i><br>
1323
(NOTE: any 25-digit number works, there is no need to type this exact number)<br>
1324
If everything goes fine, you should see a floating point number as output:<br>
1325
<i>5.41234567891011e+23</i><br>
1326
In this case, please do more research on your log file formats. Your host system itself is not
1327
responsible for the error.<br>
1328
But if simply a "0" returns or some other error, this is an indication of your glibc beeing corrupt.<br>
1329
ATTENTION: The only solution in this case might be to recompile your GLIBC. This can be a quite tricky
1330
task. Please consult the documentation and F.A.Q.s of your linux distribution first!! (experts: first
1202
1331
check your global compile flags, eg. march=Pentium4. Trying with other compile flags can solve problem
1203
quickly in some cases.<br>
1204
NOTE: In some cases, this error might occour "suddenly", even though AWStats was already running
1205
perfect already.<br>
1332
quickly in some cases.<br>
1333
NOTE: In some cases, this error might occur "suddenly", even though AWStats was already running
1334
perfect already.<br>
1208
1337
<a name="NOTSAMENUMBER"></a><br>