windows web hosting

Your Virtual Server has three types of log files: e-mail, FTP, and web. These logs contain helpful diagnostic information as well as invaluable information about your web site visitors. Although extremely useful, your logs can cause a lot of problems if not properly maintained.

Maintaining Your E-mail and FTP Log
The log file for e-mail, FTP, and logins is ~/var/log/messages. This log file is primarily used as a troubleshooting tool for diagnosing e-mail problems. Each time a message passes through the virtual SMTP server, sendmail logs the transaction. Each time a user checks his or her mailbox through the virtual POP or IMAP server, the transaction is logged. If you connect to your Virtual Server via Telnet or SSH, however, these sessions are not logged in var/log/messages.

The ~/var/log/messages file contains log entries from various programs. Each entry, one per line, contains the following:

  • A time stamp (recording the date and time of the log entry).
  • The name of the originating program.
  • The text of the log entry.
Viewing the ~/var/log/messages File

From you Virtual Server command prompt, type:

% tail -f ~/var/log/messages

The tail command prints the last ten lines of the named file. The -f option allows you to "follow" the file as it grows. Exit tail by entering <ctrl>-c.

Since the ~/usr/log/messages file has a tendency to grow large over time, you should reset it periodically.

Resetting the ~/var/log/messages File

From you Virtual Server command prompt, type:

% cat /dev/null > ~/var/log/messages

This action removes all messages recorded in the logs.

Note: Before resetting the log, prepare archival copies, if needed. You can do this, for example, by archiving your files with tar or zip and then copying them via FTP from your server to your local computer.

You may also use the vnukelog -r command. However, this command resets both the messages file and the web server log files. The vnukelog command is explained in more detail later in this chapter.

Maintaining Your Web Logs
Your business possibly depends on obtaining detailed information about your web site traffic. Your Virtual Server web service allows you to easily obtain statistical information about the usage of your web site. This section covers the following topics about managing your Virtual Server's web logs:
  • Web Server Log Format
  • Analyzing log files
  • Rotating and clearing log files
Web Server Log Format
Your Virtual Server web service logs all traffic at your web site to log files located in your ~/www/logs directory. By default, your Virtual Server is configured to log in the combined log format. All information is logged to the following two log files:
  • access_log (all access, agent, and referrer information is logged to ~/www/logs/access_log)
  • error_log

Logged in these files is the volume of activity at each page on your web site, the type of browser used to access each page, any errors that users may have experienced downloading pages from your site, and where users were referred from when they accessed pages at your site.

Alternatively, you may configure your Virtual Server to log in the common log format by modifying your web server configuration file (~/www/conf/httpd.conf). In the common log format, all information is logged to four log files:

  • access_log
  • agent_log
  • referrer_log
  • error_log

The log format as well as other log activity is based on the directives you define in your httpd.conf configuration file. The default directive definitions should be adequate for most circumstances. However, you are free to modify the directives if you need to define log file formatting (or turn off the logging capability altogether). See Chapter 6 (Advanced Web Server Configuration) for details on log directives.

Recall that when your Virtual Server is configured, the default log preferences are set up in the combined log format:

Log File Type

Log File Name

ErrorLog

error_log

TransferLog

access_log

AgentLog

access_log

ReferrerLog

access_log

Using the Error Log
Entries are appended to the error log if your server encounters an error while attempting to retrieve a requested resource. Use your error log file as a diagnostic tool. Download the error log file from time to time and take a look at what it contains. It may help you discover broken links on your site or external links on someone else's site.

Viewing the error_log File's Latest Entries

  1. Connect to your Virtual Server via Telnet or SSH.
  2. Make the www/logs directory your current working directory, by entering:

    % cd ~/www/logs/

  3. From your logs directory, type:

    % tail -f error_log

Note: The tail command prints the last ten lines of the named file. The -f option allows you to "follow" the file as it grows. Exit by typing <ctrl>-c.

You can control the detail level of the error log file the LogLevel directive in your httpd.conf file.

Testing the Error Log
Use your browser to open the following URL:

http://www.yourcompany.com/bogus-filename.html

Assuming that the file bogus-filename.html doesn't exist, a new entry will be added to your error log file. It will look something like this:

[date and time] access to /usr/local/etc/httpd/htdocs/bogus-filename.html failed for some.remote.host, reason: File does not exist

Using the Access Log
If your log file is not empty, the tail command displays an echo of the latest entries in the access log file. Each entry line represents a resource request made to your virtual web service.Viewing the Access Log File's Latest Entries
  1. Connect to your Virtual Server via Telnet or SSH.
  2. Make the www/logs directory your current working directory by entering:

% cd ~/www/logs/

  1. From your logs directory, type:

    % tail –f access_log

Testing the Access Log
Use your browser to access the main index page of your Virtual Server. As you access the page with your browser, new log entries append to your log file. The entries appear as follows:

some.IP.address - user - [access date and time] "request" status bytes_sent file_sent referrer agent

Note: You can exit the tail command by entering "<ctrl>-c" at any time.

Access Log Format
Each entry in the access log is comprised of six specific parts. Consider the following example:

some.remote.host - user - [19/Aug/1998:13:48:56 –0600] "GET /index.php HTTP/1.0" 200 4817 "http://www.yahoo.com" "Mozilla/4.75 [en] (Windows NT 5.0; U)"

This entry suggests that on the 19th of August 1998 at 1:48:56 in the afternoon Mountain Standard Time (or some other –0600 time zone), a remote host "some.remote.host" requested the URL "index.php" using an HTTP/1.0-compliant browser. The server found the resource requested (status code 200) and returned it to the client. The document was 4817 bytes in length. The request came from a link on Yahoo's home page (the referring site), and the user was using Netscape Navigator v4.75 ("Mozilla" is how Netscape identifies itself to web servers).

The following table explains this example in more detail.

Access Log Part

Sample Entry

Description

host name

some.IP.address

Represents the IP address of the remote host that requested the resource.

user ID

user

The User ID that was required in order to access the requested resource. If the resource that was requested requires no user authentication, then this data field will be left blank.

time stamp

[19/Aug/1998:13:48:56 –0600]

[Enclosed by square brackets] the log entry is precise to the second.

resource request

"GET /index.php HTTP/1.0"

The resource request itself is comprised of three data fields: 1) the method of the request (GET, POST, etc.). 2) the local URL of the resource requested. 3) the HTTP version used by the client (which in most cases is HTTP/1.0).

Numeric status code that represents the server's response to the request

200

The HTTP Status Codes range in value from 200 to 599. Values from 200-299 indicate successful responses. Values that range from 300-399 indicate redirection, i.e. the resource at the requested URL as moved to another location. Any status code with a value of 400 or above indicates the request encountered an error.

Exact size (in bytes) of the requested resource

4817

  

referrer

"http://www.yahoo.com"

A record of the document from which a resource was requested (e.g. if users came to your site from Yahoo!'s web site, that information would be recorded here).

agent

"Mozilla/4.75 [en] (Windows NT 5.0; U)"

The agent log is simply a list of the browsers (or spiders) that are accessing your web site. Each time a request is received by your web server, the type of browser that made the request is recorded.

Analyzing Log Files
The amount of actual data logged in your web server log files is intimidating even on relatively low traffic sites. To make any sense of the data, you need a log file analysis program to process, analyze, and generate reports for you. Fortunately, there are numerous programs available that do this.WebTrends

WebTrends™ is web server log analysis software that produces graphical reports of your web site traffic. WebTrends is easy to use because it has a friendly interface. Configure WebTrends to download your Virtual Server web log files to your computer, and then create any number of professional statistical reports. The generated reports can be stored locally on your computer, or they can be automatically uploaded back to your Virtual Server.

Additional Log Analysis Programs

There are a number of analysis programs available that you can install directly on your Virtual Server. Most of these programs analyze your web server log files in place and then create HTML, text, or e-mail reports of your web server traffic. We have made several of these tools available including http-analyze,  analog, and The Webalizer.

These software packages are a bit harder to use since they must be run from the command prompt, but they are simple to install and free of charge. For more details about log analysis software packages, see Enetrics Communications's web site.

Note: Some log analysis programs require a specific log format (i.e. combined or common). Make sure the log format configured on your Virtual Server is appropriate for the log analysis program you select.

Rotating and Clearing Log Files

Logs can grow rapidly and need to be rotated. After running the stats program of your choice, clear the logs. The command for clearing the log files is vnukelog. The vnukelog command can be used to clear the ~/usr/log/messages file as well as all Virtual Server and virtual subhost log files.

Use the -h flag to see all vnukelog options:

% vnukelog -i

Usage: vnukelog [-h] [-i] [-r]

-h   display this message
-i   enter interactive mode
-r   nuke root server logs only

Use the vnukelog command without any flags to clear the ~/usr/log/messages file and all Virtual Server and virtual subhost log files:

% vnukelog

Use the -r flag to clear just the Virtual Server log files, and leave the virtual subhost log files intact:

% vnukelog -r

Use the -i flag to enter an interactive mode that allows you to clear just the Virtual Server and virtual subhost log files you want to clear.

% vnukelog -i

Generating stats on a daily weekly or monthly schedule is important. We recommend that you use cron to automatically generate a report and rotate the logs.
Hosting  ::  Web Design  :: Server Administration  ::  Tech Support  ::  Contacts
Data Centers  ::  Tier I Global IP Network  ::  SLA/Contracts  ::  Search  ::  Account Login
 
© Copyright 1996-2009 by Enetrics Communications, All Rights Reserved.
PGP Documentation is Copyright 1990-1997 Pretty Good Privacy, Inc.
FrontPage and Microsoft are Registered Trademarks of Microsoft Corporation.
All other Trademarks are the property of their respective owner(s).

Acceptable Use Policy :: Privacy Policy		   Business Growth