all log entries containing the URL, the ip address and username

Comments (8)

1. 

   StoneSteps repo owner

   You need to provide more details - what type of logs you are processing, what do you expect to see and what are you seeing instead.

   • 2019-12-29T15:10:31+00:00
2. 

   StoneSteps repo owner

   This is just a user report and it’s shown as it always has been. I am not quite sure which report you are thinking about - the only report where a host and a URL appear together is the URL report generated when Squid proxy logs are processed. None of web log files would show hosts and URLs together (well, except for URL links).

   What log type are you processing?

   • 2019-12-31T04:30:22+00:00
3. 

   Heinrich Paul Wember

   I want to receive a report similar like

   78131     17.22%   1696865   0.05%         0.000         0.000   /kriegshaber/
   19552      4.31%    361104   0.01%         0.000         0.000   /gen/
   6183       1.36%     87472   0.00%         0.000         0.000   /
   1859       0.41%   3948195   0.13%         0.000         0.000   /gen/oesterreich/pics/StammbaumRegenten.jpg
   1034       0.23%    247952   0.01%         0.000         0.000   /gen/fugger/
   1023       0.23%    192874   0.01%         0.000         0.000   /gen/wittelsbacher/
   

   however only those records should be shown which contain one certain username or all existing usernames and in addition the ip-Adress

   • 2019-12-31T10:05:57+00:00
4. 

   StoneSteps repo owner

   which contain one certain username or all existing usernames and in addition the ip-Adress

   If I understand you correctly and you want to process only log records that match this criteria, you would use ignore/include keywords. Any matching include option will include the log record in question, even if it matches some ignore option. For example:

   ‌

   IgnoreHost    *
   InicludeHost  12.34.56.78
   IncludeUser   user1
   

   IgnoreHost ignores all log records, except those with IP address 12.34.56.78 or user with name user1, regardless of their IP address.

   For optional log record fields, like users, if you specify ignore/include options, log records with a matched value will be affected, as well as with empty values. In other words, using IgnoreUser * will show all records without a user.

   Note that these filters work at the log record level, so all reports will be affected by these filters. In other words, if the filters above match 10 log records and there is 1000 log records in the log file, then the generated HTML will show data only for 10 log records in all reports.

   • 2020-01-01T14:50:57+00:00
5. 

   StoneSteps repo owner

   Just a heads-up - I deleted two of your comments with links to avoid showing personal information that was not necessary for this discussion.

   • 2020-01-01T14:53:01+00:00
6. 

   Heinrich Paul Wember

   Hallo,

   Thank you for your answer. It looks like that your program does not have the specific function I am looking for.

   At the moment I check the log directly by extractracting these records  what I want to have using "cat access.log.19 | grep -ve "- -"  >password.19"

   then I get a file which looks like this one

   62.216.204.0 - MOD [18/Nov/2019:00:00:14 +0100] "GET /MOD/MOD2019/mp4/2019MOD-BA%20%2810%29.mp4 HTTP/1.1" 200 26031695 heinz-wember.de "https://heinz-wember.de/MOD/MOD2019/mp4/MOD2019BunterAbendmp4.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0" "-" 62.216.204.0 - MOD [18/Nov/2019:00:00:15 +0100] "GET /MOD/MOD2019/mp4/2019MOD-BA%20%2810%29.mp4 HTTP/1.1" 206 13903 heinz-wember.de "https://heinz-wember.de/MOD/MOD2019/mp4/2019MOD-BA%20%2810%29.mp4" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0" "-" 62.216.204.0 - MOD [18/Nov/2019:00:09:29 +0100] "GET /MOD/MOD2019/mp4/2019MOD-WK%20%2812%29.mp4 HTTP/1.1" 206 962347609 heinz-wember.de "https://heinz-wember.de/MOD/MOD2019/mp4/2019MOD-WK%20%2812%29.mp4" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0" "-" 62.216.204.0 - MOD [18/Nov/2019:00:09:29 +0100] "GET /MOD/MOD2019/mp4/2019MOD-WK%20%2812%29.mp4 HTTP/1.1" 206 928531033 heinz-wember.de "https://heinz-wember.de/MOD/MOD2019/mp4/2019MOD-WK%20%2812%29.mp4" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0" "-" 87.158.177.0 - MOD [21/Nov/2019:09:37:13 +0100] "GET /MOD/MOD2019/FotosHeinz/images/2019MOD%20(22)_preview.png HTTP/1.1" 200 133596 heinz-wember.de "https://heinz-wember.de/MOD/MOD2019/FotosHeinz/index01.html" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:66.0) Gecko/20100101 Firefox/66.0" "-" 87.158.177.0 - MOD [21/Nov/2019:09:37:14 +0100] "GET /MOD/MOD2019/FotosHeinz/images/2019MOD%20(23)_preview.png HTTP/1.1" 200 89881 heinz-wember.de "https://heinz-wember.de/MOD/MOD2019/FotosHeinz/index01.html" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:66.0) Gecko/20100101 Firefox/66.0" "-" 87.158.177.0 - MOD [21/Nov/2019:09:37:14 +0100] "GET /MOD/MOD2019/FotosHeinz/images/2019MOD%20(24)_preview.png HTTP/1.1" 200 98550 heinz-wember.de "https://heinz-wember.de/MOD/MOD2019/FotosHeinz/index01.html" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:66.0) Gecko/20100101 Firefox/66.0" "-" 87.158.177.0 - MOD [21/Nov/2019:09:37:14 +0100] "GET /MOD/MOD2019/FotosHeinz/images/bulletinboard_background.jpg HTTP/1.1" 200 2757887 heinz-wember.de "https://heinz-wember.de/MOD/MOD2019/FotosHeinz/index01.html" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:66.0) Gecko/20100101 Firefox/66.0" "-"

   Here I can see the URL, the IP-Adress and the user

   Regards Heinz

   Am 01.01.2020 um 15:50 schrieb StoneSteps:

   • 2020-01-01T17:20:15+00:00
7. 

   StoneSteps repo owner

   • changed status to resolved

   • 2020-08-02T22:31:23+00:00
8. 

   StoneSteps repo owner

   • changed status to closed

   • 2020-08-02T22:31:39+00:00
9. Log in to comment