===== LogSegment =====


Both these plugins rely on the logsegment created on the webserver by createlogsegment.sh :-

<code bash>
root@expose6app:~# cat /root/apache-analysis/createlogsegment.sh
#!/bin/bash

#Written Andrew Stringer  08-07-2014
#Purpose is to produce a log extract of the last 10 mins activity for further analysis.


grep `date -d "10 minutes ago" +"%d/%b/%Y:%H:%M"` -A 999999 /var/log/apache2/ssl-access.log > /home/nagios/ssl-segment.log
chown nagios:nagios /home/nagios/ssl-segment.log


exit 0
</code>

''createlogsegment.sh'' needs to be run from cron:-
<code>
# Extract Apache logsegment every 10 mins
*/10 * * * *  /root/apache-analysis/createlogsegment.sh > /root/apache-analysis/cronlog.log 2>&1
</code>


This segment is just a tail of the access log in the usual Apache format:-
<code>
82.47.6.214 - - [22/Sep/2014:09:19:12 +0000] "GET /default/storage/getUrl?objectname=thn23105338.png&system=printing&return=redirect HTTP/1.1" 302 680 "https://service.com/settings/appliances/summary" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36"
82.47.6.214 - - [22/Sep/2014:09:19:13 +0000] "GET /default/storage/getUrl?objectname=thn23105329.png&system=printing&return=redirect HTTP/1.1" 302 680 "https://service.com/settings/appliances/summary" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36"
</code>