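My name is Mikuni.
I am currently troubled because "corrupt log lines" are being counted when I analyse IIS logs.
I have looked through the IIS log again, but I cannot find any problem.
I specified "DEBUG ON" in the configuration file to have the error lines displayed,
but only empty information is output.
I would appreciate any guidance.
Below I attach excerpts of the information (results).
(I am using analog 4.16 on win2k)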
---------------------------------
* See "Corrupt lines" in the following output
C:\TOOL\analog_416w32jp>analog ex030401.log
analog: analog version 4.16/Win32
F: Closing configuration file analog.cfg
F: Opening lang/jp.lng as language file
F: Closing language file lang/jp.lng
F: Opening lang/jpdom.tab as domains file
F: Closing domains file lang/jpdom.tab
F: Opening ex030401.log as logfile
F: Detect that it's in Microsoft's version of extended format
C:
C: *
C:
C: *
C:
C: *
C:
C: *
C:
C: *
C:
C: *
C:
C: *
C:
C: *
C:
C: *
C:
C: *
C:
C: *
F: Closing logfile ex030401.log
S: Successful requests: 364547
S: Redirected requests: 1
S: Failed requests: 862
S: Requests returning informational status code: 0
S: Status code not given: 3
S: Unwanted lines: 0
S: Corrupt lines: 11
S: Times in logfile offset by +540 minutes
S: Earliest entry in logfile: 1/ 4/03:0000
S: Latest entry in logfile: 1/ 4/03:2359
F: Opening Report.html as output file
analog: Warning R: Turning off empty Search Word Report
(For help on all errors and warnings, see docs/errors.html)
F: Closing Report.html
-------------------------------------------------------
C:\TOOL\analog_416w32jp>analog -settings ex030401.log
analog: analog version 4.16/Win32
F: Closing configuration file analog.cfg
This is analog version 4.16/Win32
For more information on analog see docs/Readme.html or http://www.analog.cx/
Compile-time optional code:
Pipes included
DNS lookups included
Win32 dirent included
Using open() function
Compile-time variables:
Default configuration file: analog.cfg
Mandatory configuration file: none
Configuration files read:
analog.cfg
Warning types on: all
Debugging types on: all
Reading cache files:
none
Reading logfiles:
ex030401.log
Logfile format:
<Automatic detection>\n
Times in logfile offset by +540 minutes
Analysing all dates
Including (+) and excluding (-) the following as pages:
All excluded, then
+ REGEXPI:\.asp$
+ */
+ REGEXPI:\.html?$
No LOWMEM commands in operation
DNS level is NONE
Filenames are case insensitive
DIRSUFFIX index.html
Report order is as follows:
General Summary [ON]
Monthly Report [ON]
Columns: #requests #pages
Maximum number of rows: unlimited
Graphing by requests for pages
Displaying earliest dates at top
Weekly Report [OFF]
Daily Report [OFF]
Daily Summary [ON]
Columns: #requests #pages
Maximum number of rows: unlimited
Graphing by requests for pages
Displaying earliest dates at top
Hourly Report [OFF]
Hourly Summary [ON]
Columns: #requests #pages
Maximum number of rows: unlimited
Graphing by requests for pages
Displaying earliest dates at top
Quarter-Hour Report [OFF]
Five-Minute Report [OFF]
Domain Report [ON]
Columns: #requests %bytes
Sorting by number of bytes
Floor is: [all items]
Sorting sub-items by number of bytes
Floor for sub-items is: 0.5% of the bytes
Organisation Report [ON]
Columns: #requests %bytes
Sorting by number of requests
Floor is: Top 20 items by number of requests
Host Report [OFF]
User Report [OFF]
User Failure Report [OFF]
Redirected Referrer Report [OFF]
Failed Referrer Report [OFF]
Referrer Report [OFF]
Referring Site Report [OFF]
Search Query Report [OFF]
Search Word Report [ON]
Columns: #requests
Sorting by number of requests
Floor is: Top 20 items by number of requests
Browser Report [OFF]
Browser Summary [OFF]
Operating System Report [ON]
Columns: number #requests
Sorting by number of requests
Floor is: [all items]
Virtual Host Report [OFF]
Status Code Report [ON]
Columns: #requests
Sorting alphabetically
Floor is: [all items]
Processing Time Report [OFF]
File Size Report [ON]
Columns: #requests %bytes
File Type Report [ON]
Columns: #requests %bytes
Sorting by number of bytes
Floor is: 0.1% of the bytes
Sorting sub-items by number of bytes
Floor for sub-items is: 0.1% of the bytes
Directory Report [ON]
Columns: #requests %bytes
Sorting by number of bytes
Floor is: 0.01% of the bytes
Sorting sub-items by number of bytes
Floor for sub-items is: 0.01% of the bytes
Redirection Report [OFF]
Failure Report [OFF]
Request Report [ON]
Columns: #requests %bytes last-time
Sorting by number of requests
Floor is: 20 requests
Sorting sub-items by number of requests
Floor for sub-items is: 10 requests
Output file is Report.html
No cache output file
Language file is lang/jp.lng
Output style is HTML
No style sheet
Domains file is lang/jpdom.tab
No header file
No footer file
Host name for title is [my organisation]
Host name unlinked
Logo for title line is analogo.gif
Image directory is images/
Displaying abbreviated bytes
The character for graph plotting is: +
The thousands separator is: ,
The thousands separator in tables is: [none]
The decimal point is: .
The page width is 65
The minimum graph width is 15
Weeks begin on Sunday
C:\TOOL\analog_416w32jp>
------
* The header of the IIS log file looks like this:
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2003-03-31 15:00:07
#Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs-host cs(User-Agent) cs(Cookie) cs(Referer)
・・・・
=====
That is all.
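
One way to locate entries in a W3C extended (IIS) log that do not match the `#Fields` directive shown in the post; this is an added example, not part of the original post and not analog's own code. The function name, the sample data and the three checks (empty line, NUL bytes, field-count mismatch) are assumptions about what a parser may reject, not analog's documented rules.

```python
"""Flag entries in a W3C extended (IIS) log that do not match #Fields."""
import sys

# Constructed sample, not taken from the poster's log. The field list is
# shortened here; the header quoted in the post declares 21 fields.
SAMPLE = (
    b"#Software: Microsoft Internet Information Services 5.0\n"
    b"#Version: 1.0\n"
    b"#Fields: date time c-ip cs-method cs-uri-stem sc-status\n"
    b"2003-03-31 15:00:07 192.0.2.10 GET /index.html 200\n"
    b"\n"
    b"2003-03-31 15:00:09 192.0.2.11 GET /a.asp\n"
    b"\x00\x00\x00\x00\n"
    b"2003-03-31 15:00:12 192.0.2.12 GET /b.asp 404\n"
)


def find_suspect_lines(data):
    """Return [(line_number, reason, first_60_bytes)] for non-conforming lines."""
    expected = None  # field count declared by the most recent #Fields line
    suspects = []
    for number, line in enumerate(data.splitlines(), start=1):
        if line.startswith(b"#"):
            # Directives are not entries; #Fields may reappear mid-file.
            if line.lower().startswith(b"#fields:"):
                expected = len(line[len(b"#Fields:"):].split())
            continue
        count = len(line.split(b" "))
        if not line.strip():
            reason = "empty line"
        elif b"\x00" in line:
            reason = "contains NUL bytes"
        elif expected is None:
            reason = "entry before any #Fields directive"
        elif count != expected:
            reason = "%d fields, expected %d" % (count, expected)
        else:
            continue
        suspects.append((number, reason, line[:60]))
    return suspects


if __name__ == "__main__":
    # Pass a log path as the first argument, or run on the constructed sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    for number, reason, head in find_suspect_lines(data):
        print("line %d: %s: %r" % (number, reason, head))
```

Reading the file as bytes keeps NUL and other non-text bytes visible in the `%r` output instead of being dropped or re-encoded by the console.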