LogSegment

Both these plugins rely on the logsegment created on the webserver by createlogsegment.sh :-

root@expose6app:~# cat /root/apache-analysis/createlogsegment.sh
#!/bin/bash
 
#Written Andrew Stringer  08-07-2014
#Purpose is to produce a log extract of the last 10 mins activity for further analysis.
 
 
grep `date -d "10 minutes ago" +"%d/%b/%Y:%H:%M"` -A 999999 /var/log/apache2/ssl-access.log > /home/nagios/ssl-segment.log
chown nagios:nagios /home/nagios/ssl-segment.log
 
 
exit 0

createlogsegment.sh needs to be run from cron:-

# Extract Apache logsegment every 10 mins
*/10 * * * *  /root/apache-analysis/createlogsegment.sh > /root/apache-analysis/cronlog.log 2>&1

This segment is just a tail of the access log in the usual Apache format:-

82.47.6.214 - - [22/Sep/2014:09:19:12 +0000] "GET /default/storage/getUrl?objectname=thn23105338.png&system=printing&return=redirect HTTP/1.1" 302 680 "https://service.com/settings/appliances/summary" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36"
82.47.6.214 - - [22/Sep/2014:09:19:13 +0000] "GET /default/storage/getUrl?objectname=thn23105329.png&system=printing&return=redirect HTTP/1.1" 302 680 "https://service.com/settings/appliances/summary" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36"
 
linux/logsegment.txt · Last modified: 12/01/2021 13:17 by andrew