Re: [SQU] access.log

From: Thomas Adam <[email protected]>
Date: Thu, 28 Dec 2000 10:10:23 -0800 (PST)

Dear Sir,

Take a look at the files attached. All one has to do
is to copy both squidlog and perlspt into your
"/usr/bin" folder and at the terminal window or
console type the following:

squidlog

and once that has finished open the file
"/var/squid/logs/squidlog1.txt" using your favourite
text editor.

More scripts like this can be found at the following
URL:

www.squidproxyapps.org.uk

Regards,

Thomas Adam
re: thomas_adam16@yahoo.com

--- MILIN Jacques <jacques.milin@cpam-laval.cnamts.fr>
wrote: > Hello,
>
> how can i convert unix timestamps into something
> more human readable in
> my access.log
>
> Is there any script available somewhere?
>
> Thanks,
>
>
> Jacques.
>
> --
> To unsubscribe, see
> http://www.squid-cache.org/mailing-lists.html
>

=====
Thomas Adam
Linux Co-ordinator for The Purbeck School

e-mail (school): n6tadam@users.purbeck.dorset.sch.uk
e-mail (yahoo) : thomas_adam16@yahoo.com

__________________________________________________
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/

#!/bin/bash
#############################################################################
#Squidlog (version 2.0) - Script to process 'access.log' generated by squid #
#Created by Thomas Adam (C) Squidproxyapps Thursday 7 December 2000 5:00 pm #
#Written for Dave Turnbull of The Purbeck School [ICT Department] #
#############################################################################
#Declare Variables
mp="/var/squid/logs"

#function 'Echo_info' displays info on screen to show what it is doing....
echo_info ()
{
clear #get rid of the clutter on the screen
#cd $mp
echo "Script Processing for access.log output"
echo "Written by Thomas Adam (contributed to by Dave Turnbull)"
echo "For Dave Turnbull [ICT Department]"
sleep 3 #URGENTLY required.....NEVER DELETE
echo
echo "Working......"
echo "Running Perl Class......"
perl_run
echo "Running AWK column Class......"
awk_run
echo "Running Sed script to Remove File Extensions......"
sed1_run
echo "Running AWK2 subclass [Courtesy of Dave Turnbull]....."
awk2_run
echo "Running AWK3 subclass [Courtesy of Dave Turnbull!!]....."
awk3_run
echo "Removing blank lines, Commas, and CR's....."
sed2_run
echo "FTP to http://intranet/proxystats"
#ftp 192.168.0.2
}

#Perl function converts the UNIX timestamp into "localtime"
perl_run ()
{
   #!/usr/bin/perl
   perl perlspt
} < access.log >access.slog

#Awk(1) function divides 'access.slog' into the specified columns
awk_run ()
{
  #!/bin/awk -f
  while read ok; do #var 'ok' is never used. it is just the loop that is used.
  
  awk 'BEGIN { FS=" " ; OFS="," # OFS separate by comma ','
        #print "==== ==== == ================="
        print "TCP,Date,Time,IP,Username,URL"
        #print "==== ==== == ================="
        print ""
     
              }
{print $8, $1 $2 $3, $4, $7, $12, $11 ; matches++ }
END {print ""
        print "A total of " matches " page requests."
        }'
done
} < access.slog >awkresults.txt

#Sed(1) function removes all lines with file extensions that are not needed
sed1_run ()
{
   #!/bin/sed
   sed '/^TCP_DENIED/d;
   s/http://
   s|//||g #interesting Dave.....this regex is conventional!!
   /htm$/d;
   /html$/d;
   /htm?$/d;
   /html?$/d;
   /gif$/d;
   /jpg$/d;
   /css$/d;
   /class$/d;
   /pl?$/d;
   /asp$/d;
   /asp?$/d;
   /js$/d;
   /jsp$/d;
   /query?$/d;
   /GIF$/d;
   /JPG$/d;
   /CSS$/d;
   /HTM$/d;
   /HTML$/d;
   /jsp?$/d;
   /gif?$/d;
   /dll?$/d;'
   
} < awkresults.txt >sedresults.txt

#awk2 I can't seem to remember what this does. Dave you created it...any ideas?
awk2_run ()
{
   #!/bin/awk -f
   while read ok; do
awk 'BEGIN { FS="," ; OFS="," # use the tab key OFS
        #print "==== ==== == ================="
        #print "Date Time IP URL (full syntax)"
        #print "==== ==== == ================="
        print ""
     
        }
{print $2, $3, $4, $5, $6 ; matches++ }
END {print ""
        print "A total of " matches " domain entries."
        }'
   done
} < sedresults.txt >awkresults2.txt

#awk3 func. again what does this do?
awk3_run ()
{
#!/bin/awk
awk 'BEGIN { FS="/" ; OFS=" " # use the tab key OFS
        #print "==== ==== == ================="
        #print "Date Time IP URL (full syntax)"
        #print "==== ==== == ================="
        print ""
     
        }
{print $1 ; matches++ }
END {print ""
        print "A total of " matches " matches."
        }'
} < awkresults2.txt >squidlog.txt

#func sed2_run "cleans" up the file
sed2_run ()
{
   #!/bin/sed
   sed 's/,,,,,/ /g;
   s/,,,,/ /g;
   / /d;
   /^$/d;
   s/-/unknown/g;'' #for some reason squid returns a '-' user.
} < squidlog.txt >squidlog1.txt

#call the main function
echo_info

#!/usr/bin/perl -p
s/^\d+\.\d+/localtime $&/e;

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Thu Dec 28 2000 - 11:13:53 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:08 MST