[analog-help] Analysing Vicomsoft Internet Gateway W3C Extended Format

Jason Linhart jason at summary.net
Fri Feb 8 11:26:23 PST 2002 

When I create a log file based on the sample you provided below, name it 
WebSTAR.log, and run it against the 5.1d Mac distribution with no changes 
to the configuration file I get:

Processing...
analog: analog version 5.1/Mac
analog: Warning M: Logfile WebSTAR.log contains lines with no file names: 
page
  counts may be low
  (For help on all errors and warnings, see docs/errors.html)
analog: Warning M: Logfile WebSTAR.log contains lines with no bytes: byte
  counts may be low
analog: Warning R: Turning off empty time reports
analog: Warning R: Turning off empty Request Report
analog: Warning R: Turning off empty Failure Report
analog: Warning R: Turning off empty File Type Report
analog: Warning R: Turning off empty Directory Report
analog: Warning R: Turning off empty Referrer Report
analog: Warning R: Turning off empty Referring Site Report
analog: Warning R: Turning off empty Failed Referrer Report
analog: Warning R: Turning off empty Browser Report
analog: Warning R: Turning off empty Search Word Report
analog: Warning R: Turning off empty Browser Summary
analog: Warning R: Turning off empty Operating System Report
analog: Warning R: Turning off empty File Size Report
analog: Warning R: Turning off empty Status Code Report
analog: Warning R: In Domain Report, turning off empty pie chart
analog: Warning R: In Organisation Report, turning off pie chart of only 
one
  wedge
analog: Warning R: In Host Report, turning off pie chart with no wedges
Complete!

That all makes sense to me, there are no request names or byte counts in 
your sample log.

When I drag and drop that log onto the Analog application I get exactly 
the error messages you describe below. Drag and drop attepmts to 
determine if a file is a log file or a configration file by looking at 
the first character. If the first character is a '#' it assumes that it 
must be a configuration file. That assumption is wrong in this case, but 
there is no need to use drag and drop, so you can avoid the problem.

Jason


On 2/7/02 6:53 AM Peter Reid (preid at reidit.co.uk) wrote:

>I'm running Vicomsoft Internet Gateway (VIG) router software on my 
>Mac server, which provides shared Internet access to a small network 
>of mixed Mac and PC clients.  This produces a log file that is 
>supposed to be in W3C Extended format.  However, whenever I try to 
>analyse this log file with Analog 5.1d (Mac version) I get a stream 
>of error messages and no significant output in the Report.html file.
>
>In analog.cfg, I have the following log format settings:
>
>    DEFAULTLOGFORMAT AUTO
>
>    LOGFORMAT AUTO
>
>My VIG log file starts as follows:
>
>#Software:	"Vicomsoft Log Generator"
>#Version:	1.0
>#Date:	2002-02-07	03:00:02
>#Start-Date:	2002-02-06	03:00:01
>#End-Date:	2002-02-07	03:00:00
>#Fields:	date	time	c-ip	c-dns	s-ip	s-dns 
>	cs-method	time-taken	x-bytes-sent 
>	x-bytes-received	x-src-port-id	x-dest-port-id
>#Remark:	Gateway Traffic Log ( W3C Extended Log Format )
>
>(note: the #Fields: line is a single line but has wrapped in this e-mail)
>
>and typical log entries are as follows:
>
>2002-02-06	18:18:24	192.168.181.1:49178	- 
>	194.72.108.245:80	banners.yellowpages.co.uk	TCP 
>	1.000	722	490	2	1
>2002-02-06	18:18:25	192.168.181.1:49180	- 
>	212.35.224.14:80	www.private-eye.co.uk	TCP 
>	13.000	1241	2650	2	1
>2002-02-06	18:18:24	192.168.181.1:49177	- 
>	212.35.224.14:80	www.private-eye.co.uk	TCP 
>	14.000	2344	7880	2	1
>2002-02-06	18:19:24	192.168.181.1:49182	- 
>	194.72.108.35:80	search.yell.com	TCP	0.000	854 
>	47907	2	1
>
>(note: the log entries have wrapped in this e-mail, they all start 
>with 2002-02-06 and are on a single line in the actual log file)
>
>The error trace I'm getting is:
>
>analog: Warning C: Unknown configuration command: ignoring it:
>   2002-02-06 18:21:50 192.168.181.150:49295
>analog: Warning C: Unknown configuration command: ignoring it:
>   2002-02-06 18:22:41 192.168.181.150:49296
><snip>
>analog: Warning C: Unknown configuration command: ignoring it:
>   2002-02-07 01:15:31 192.168.181.1:49443
>analog: Warning F: Failed to open logfile WebSTAR.log: ignoring it
>analog: Warning R: Turning off empty time reports
>analog: Warning R: Turning off empty Request Report
>analog: Warning R: Turning off empty File Type Report
>analog: Warning R: Turning off empty Directory Report
>analog: Warning R: Turning off empty Domain Report
>analog: Warning R: Turning off empty Organisation Report
>analog: Warning R: Turning off empty Search Word Report
>analog: Warning R: Turning off empty Operating System Report
>analog: Warning R: Turning off empty File Size Report
>analog: Warning R: Turning off empty Status Code Report
>Complete!
>
>with "analog: Warning C: Unknown configuration command" against EVERY 
>log entry!
>
>I've even tried changing the LOGFORMAT to EXTENDED, but still get 
>error messages for every log entry line.
>
>Has anyone got any experience of trying to analyse this type of log 
>file or does anyone have any suggestions/ideas?


-----------------
Jason at Summary.Net
-----------------
Dr. Seuss books . . . can be read and enjoyed on several levels. For
example, 'One Fish Two Fish, Red Fish Blue Fish' can be deconstructed
as a searing indictment of the narrow-minded binary counting system.
  -- Peter van der Linden, Expert C Programming, Deep C Secrets


+------------------------------------------------------------------------
|  This is the analog-help mailing list. To unsubscribe from this
|  mailing list, go to
|    http://lists.isite.net/listgate/analog-help/unsubscribe.html
|
|  List archives are available at
|    http://www.mail-archive.com/analog-help@lists.isite.net/
|    http://lists.isite.net/listgate/analog-help/archives/
|    http://www.tallylist.com/archives/index.cfm/mlist.7
+------------------------------------------------------------------------

More information about the analog-help mailing list