Differences

This shows you the differences between two versions of the page.

Link to this comparison view

rb:logsegment [18/02/2020 10:34] (current)
andrew created
Line 1: Line 1:
 +===== LogSegment =====
 +
 +
 +Both these plugins rely on the logsegment created on the webserver by createlogsegment.sh :-
 +
 +<code bash>
 +root@expose6app:​~#​ cat /​root/​apache-analysis/​createlogsegment.sh
 +#!/bin/bash
 +
 +#Written Andrew Stringer ​ 08-07-2014
 +#Purpose is to produce a log extract of the last 10 mins activity for further analysis.
 +
 +
 +grep `date -d "10 minutes ago" +"​%d/​%b/​%Y:​%H:​%M"​` -A 999999 /​var/​log/​apache2/​ssl-access.log > /​home/​nagios/​ssl-segment.log
 +chown nagios:​nagios /​home/​nagios/​ssl-segment.log
 +
 +
 +exit 0
 +</​code>​
 +
 +''​createlogsegment.sh''​ needs to be run from cron:-
 +<​code>​
 +# Extract Apache logsegment every 10 mins
 +*/10 * * * *  /​root/​apache-analysis/​createlogsegment.sh > /​root/​apache-analysis/​cronlog.log 2>&1
 +</​code>​
 +
 +
 +This segment is just a tail of the access log in the usual Apache format:-
 +<​code>​
 +82.47.6.214 - - [22/​Sep/​2014:​09:​19:​12 +0000] "GET /​default/​storage/​getUrl?​objectname=thn23105338.png&​system=printing&​return=redirect HTTP/​1.1"​ 302 680 "​https://​service.com/​settings/​appliances/​summary"​ "​Mozilla/​5.0 (Windows NT 6.1; WOW64) AppleWebKit/​537.36 (KHTML, like Gecko) Chrome/​37.0.2062.120 Safari/​537.36"​
 +82.47.6.214 - - [22/​Sep/​2014:​09:​19:​13 +0000] "GET /​default/​storage/​getUrl?​objectname=thn23105329.png&​system=printing&​return=redirect HTTP/​1.1"​ 302 680 "​https://​service.com/​settings/​appliances/​summary"​ "​Mozilla/​5.0 (Windows NT 6.1; WOW64) AppleWebKit/​537.36 (KHTML, like Gecko) Chrome/​37.0.2062.120 Safari/​537.36"​
 +</​code>​
 +
 +
 +
  

rb/logsegment.txt ยท Last modified: 18/02/2020 10:34 by andrew