home *** CD-ROM | disk | FTP | other *** search
- From: Garrett Bartley <garrett@smartechcorp.net>
- To: analog-help@lists.isite.net
- Date: Fri, 1 Nov 2002 13:50:46 -0500
- Subject: [analog-help] Log formats for several log types
-
- As promised, here are the log formats for several different server services
- that I have successfully created with good results. I can make no guarantee
- on any of these, but I can say that they have worked for me. Please
- feel free to offer any corrections or improvements.
-
- =============================================================================
- Microsoft FTP Server
-
- Sample log file line:
- 2002-10-31 15:33:33 207.32.96.139 user MSFTPSVC2 Server1 192.168.1.100 21 [2855]created filename.ext - 226 0 165340 1468
- FTP - - - -
-
- Log format:
- LOGFORMAT "%Y-%m-%d %h:%n:%j %s %u %j %j %j [%j]%j %r - %C %b %b %t FTP - - - -"
-
- Notes: This is with all logging turned on except for the Win32 status.
-
- =============================================================================
- Real Media Server
-
- Sample log file line:
- 12.216.124.30 - - [31/Oct/2002:22:45:26 -0500] "GET dir/091202v1.rm RTSP/1.0" 200 23306141 [WinNT_5.0_6.0.9.380_play32_AOL8_en-US_UNK_axembed] [abc4fd5b-8b09-456b-9cdf-3e7fea4b705d] [Stat1: 8028 18 0 0 0 64_Kb
- ps_Stereo_Music_-_RA8][Stat2: 64083 65987 0 0 0 18 18 0 0 0 50 64_Kbps_Stereo_Music_-_RA8] 77700425 1595 905 123 0 8581
-
- Log format:
- LOGFORMAT "%s %j %j [%d/%M/%Y:%h:%n:%j %j] "%j %r %j" %c %b [%B] %j"
-
- Notes:
- This ignores the extra statistics at the end and just reports the basics.
-
- =============================================================================
- Serv-U FTP Server
-
- Sample log file line:
- [3] Tue 14May02 16:56:25 - (000037) Error sending file f:\filename.ext, aborting (3.09 Kb/sec - 487424 bytes, client closed data connection)
- [4] Tue 30Apr02 14:52:54 - (000257) Received file f:\filename.ext successfully (29
- .2 Kb/sec - 5651 bytes)
- [3] Wed 01May02 23:18:53 - (000002) Sent file f:\filename.ext successfully (92.2 Kb/sec - 6893 bytes)
- [5] Tue 30Apr02 10:29:18 - (000245) Connected to 216.136.171.204 (Local address 192.168.1.101)
-
- Log format(s):
- LOGFORMAT "[%j] %j %d%M%y %h:%n:%j - (%j) Error sending file %r, aborting (%j Kb/sec - %b bytes, %j %j)"
- LOGFORMAT "[%j] %j %d%M%y %h:%n:%j - (%j) Received file %r successfully (%j Kb/sec - %b bytes)"
- LOGFORMAT "[%j] %j %d%M%y %h:%n:%j - (%j) Sent file %r successfully (%j Kb/sec - %b bytes)"
- LOGFORMAT "[%j] %j %d%M%y %h:%n:%j - (%j) Connected to %s (Local address 192.168.1.101)"
-
- =============================================================================
- Shoutcast (Old style logging)
-
- Sample log file lines:
- <08/18/02@04:25:49> [SHOUTcast] DNAS/win32 v1.8.0 (Jan 2 2001) starting up...
- <08/18/02@04:25:49> [main] loaded config from C:\Program Files\SHOUTcast2\sc_serv_gui.ini
- <08/18/02@04:25:49> [main] initializing (usermax:200 portbase:9191)...
- <08/18/02@04:25:49> [main] No ban file found (sc_serv.ban)
- <08/18/02@04:25:49> [main] No rip file found (sc_serv.rip)
- <08/18/02@04:25:49> [main] opening source socket
- <08/18/02@04:25:49> [main] source thread starting
- <08/18/02@04:25:49> [main] opening client socket
- <08/18/02@04:25:49> [source] listening for connection on port 9192
- <08/18/02@04:25:49> [main] Client Stream thread [0] starting
- <08/18/02@04:25:49> [main] client main thread starting
- <08/18/02@04:25:49> [dest: 216.253.39.2] server unavailable, disconnecting
- <08/18/02@04:25:58> [source] connected from 66.192.5.158
- <08/18/02@04:25:58> [source] icy-name:NEWSRADIO 640 WGST (rush dr. laura kimmer) ; icy-genre:NEWS TALK
- <08/18/02@04:25:58> [source] icy-pub:1 ; icy-br:24 ; icy-url:http://www.wgst.com
- <08/18/02@04:25:58> [source] icy-irc:#shoutcast ; icy-icq:0 ; icy-aim:N/A
- <08/18/02@04:25:59> [dest: 205.188.234.42] starting stream (UID: 0)[L: 1]
- <08/18/02@04:25:59> [dest: 205.188.234.42] connection closed (0 seconds) (UID: 0)[L: 0]{Bytes: 16384}
- <08/18/02@04:26:00> [yp_add] yp.shoutcast.com added me successfully
- <08/18/02@04:28:59> [yp_tch] yp.shoutcast.com touched!
- <09/11/02@12:08:25> [dest: 63.236.253.100] service full, disconnecting
-
- Log format(s):
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [dest: %s] connection closed (%t seconds) (UID: %u)[L: %r]{Bytes: %b}
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [dest: %s] starting stream (UID: %j)[L: %j]
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [yp_tch] yp.shoutcast.com touched!
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [dest: %s] service full, disconnecting
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [SHOUTcast] DNAS/win32 v1.8.0 (Jan 2 2001) starting up...
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] loaded config from C:\Program Files\%j\sc_serv_gui.ini
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] initializing (usermax:%j portbase:%j)...
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] No ban file found (sc_serv.ban)
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] No rip file found (sc_serv.rip)
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] opening source socket
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] source thread starting
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] opening client socket
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] listening for connection on port %j
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] Client Stream thread [%j] starting
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [main] client main thread starting
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [dest: %s] server unavailable, disconnecting
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] connected from %j
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] icy-name:NEWSRADIO 640 WGST (rush dr. laura kimmer) ; icy-genre:NEWS TALK
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] icy-pub:1 ; icy-br:24 ; icy-url:http://www.wgst.com
- LOGFORMAT "<%m/%d/%y@%h:%n:%j> [source] icy-irc:#shoutcast ; icy-icq:0 ; icy-aim:N/A
- <%m/%d/%y@%h:%n:%j> [yp_add] yp.shoutcast.com added me successfully
-
- =============================================================================
- Shoutcast (New W3C style logging)
-
- Sample log file lines:
- #Fields: c-ip c-dns date time cs-uri-stem c-status cs(User-Agent) sc-bytes x-duration avgbandwidth
- 66.156.94.18 66.156.94.18 2002-09-14 22:38:34 /stream?title=Unknown 200 iTunes%2F3%2E0%20%28Macintosh%3B%20N%3B%20PPC%29 409600 86 38096
-
- Log format(s):
- LOGFORMAT "%s %S %Y-%m-%d %h:%n:%j %r %c %u %b %j %j"
-
- =============================================================================
- Microsoft Windows Media
-
- Sample log file lines:
- #Fields: c-ip date time c-dns cs-uri-stem c-starttime x-duration c-rate c-status c-playerid c-playerversion c-playerlanguage cs(User-Agent) cs(Referer) c-hostexe c-hostexever c-os c-osversion c-cpu filelength filesize avgbandwidth protocol transport audiocodec videocodec channelURL sc-bytes c-bytes s-pkts-sent c-pkts-received c-pkts-lost-client c-pkts-lost-net c-pkts-lost-cont-net c-resendreqs c-pkts-recovered-ECC c-pkts-recovered-resent c-buffercount c-totalbuffertime c-quality s-ip s-dns s-totalclients s-cpu-util
- 203.40.128.205 2002-11-01 05:23:33 vincet mms://media.streamtoyou.com/cog/ISDN/OT_les06.asf 166 6 1 200 {CD48B822-BB6E-11D6-A01B-DD746EAE8C33} 6.4.7.1119 en-AU Mozilla/4.0_(compatible;_MSIE_6.0;_Windows_98;_YComp_5.0.0.0) http://www.ministerialtraining.org/VideoView.asp?ID=1&U=8&L=6&V=6&S=100 IEXPLORE.EXE 6.0.2600.0 Windows_98 4.10.0.2222 Pentium 1805 23113117 10638 mms UDP Windows_Media_Audio_V2 Microsoft_MPEG-4_Video_Codec_V3 - 15237 0 52 37 0 0 0 0 0 0 1 0 100 65.172.162.91 - 1 0
-
- Log format(s):
- LOGFORMAT (#%j: %j)
- LOGFORMAT (%s%w%Y-%m-%d%w%h:%n:%j%w%S%w%r%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%B%w%f%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%b%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%j%w%v%w%j%w%j)
-
- Notes: This is with all logging turned on except for the Win32 status.
-
- =============================================================================
- Microsoft SMTP
-
- Note: Analog detects the log format automagically since it is very similar to IIS W3C logging.
-
- =============================================================================
-
