Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Awstats log analysis (actual combat)

2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/03 Report--

Environmental preparation

CentOS 7-4VR 192.168.18.148Murray-> server

Win 7-1 Flux 192.168.18.129 Murray-> client

Install service in CnetOS 7-4: [root@localhost ~] # yum install bind httpd-y configure DNS service in CnetOS 7-4: [root@localhost ~] # vim / etc/named.confoptions {listen-on port 53 {any;}; # 127.0.0.1 changed to any listen-on-v6 port 53 {:: 1;}; directory "/ var/named" Dump-file "/ var/named/data/cache_dump.db"; statistics-file "/ var/named/data/named_stats.txt"; memstatistics-file "/ var/named/data/named_mem_stats.txt"; recursing-file "/ var/named/data/named.recursing"; secroots-file "/ var/named/data/named.secroots"; allow-query {any;} # localhost to any# after modification, press Esc to exit insert mode, enter: wq save exit [root@localhost ~] # vim / etc/named.rfc1912.zones# add the following five lines zone "kgc.com" IN {type master; file "kgc.com.zone"; allow-update {none;};} # Press Esc to exit insert mode after modification Enter: wq save exit [root@localhost ~] # cd / var/named/ [root@localhost named] # cp-p named.localhost kgc.com.zone [root@localhost named] # vim kgc.com.zone# delete the last line and then insert the following www IN A 192.168.18.148 [root@localhost named] # systemctl start named [root@localhost ~] # vim / etc/httpd/conf/httpd.confListen 192.168.18.148var/named/ 80 # 41 to delete the comment IP address is linux address # Listen 80 # 42 add comment ServerName www.kgc.com:80 # 95 line make this change # press Esc to exit insert mode after modification, enter: wq save exit [root@localhost ~] # systemctl stop firewalld.service [root@localhost ~] # setenforce 0 [root@localhost ~] # systemctl start httpdwin7-1 client verification operation: first modify the DNS resolution address IP:192.168.18.148 in the network adapter

At this point, you can enter: www.kgc.com in the browser to access the Apache test web page

At this point, you can install Awstats [root @ localhost ~] # cd / var/log/httpd/ [root@localhost httpd] # cat access_log192.168.18.129-[16/Dec/2019:13:31:15 + 0800] "GET / HTTP/1.1" 403 4897 "-" Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729) in CnetOS 7-4. .net CLR 3.0.30729; Media Center PC 6.0) ". The following multiple lines are omitted # at this time, you can see the record accessed by the address of 129. [root@localhost httpd] # mkdir / aaa [root@localhost httpd] # mount.cifs / / 192.168.10.190/rpm / aaaPassword for root@//192.168.10.190/rpm: [root@localhost httpd] # cd / aaa [root@localhost aaa] # lsapr-1.6.2.tar.gz hzw.jpeg phpapr -util-1.6.0.tar.gz inotify-tools-3.14.tar.gz redis-5.0.7.tar.gzawstats-7.6.tar.gz jdk ruby-2.4.1.tar.gz [root@localhost aaa] # tar zxvf awstats-7.6.tar.gz-C / opt/ [root@localhost aaa] # cd / opt/ [root@localhost opt] # mv Awstats-7.6/ / usr/local/awstats [root@localhost opt] # cd / usr/local/ [root@localhost local] # lsawstats bin etc games include lib lib64 libexec sbin share src [root@localhost local] # cd awstats/tools/ [root@localhost tools] # lsawstats_buildstaticpages.pl dolibarr maillogconvert.pl xsltawstats_configure.pl geoip_generator.pl nginxawstats_exportlib.pl httpd_conf urlaliasbuilder.plawstats_updateall.pl logresolvemerge .pl webmin [root@localhost tools] #. / awstats_configure.pl. Omit multiple lines Enter full config file path of your Web server.Example: / etc/httpd/httpd.confExample: / usr/local/apache2/conf/httpd.confExample: C:\ Program files\ apache group\ apache\ conf\ httpd.confConfig file path ('none' to skip web server setup): > / etc/httpd/conf/httpd.conf # enter the configuration file path for Apache. Omit multiple lines Do you want me to build a new AWStats config/profilefile (required if first install) [y Do you want me to build a new AWStats config/profilefile N] here? Y # confirm to create a new. Omit multiple lines of Your web site here Virtual server or profile name: > www.kgc.com # enter the domain name-> Define config file pathIn which directory do you plan to store your config file (s)? Default: / etc/awstatsDirectory path to store config file (s) (Enter for default): > # enter directly-> Restart Web server with'/ sbin/service httpd restart'Redirecting to / bin/systemctl restart httpd.service # will restart the apache service at this time. Omit multiple lines of Press ENTER to continue... here # enter directly. Omit multiple lines here > perl awstats.pl-update-config=www.kgc.comYou can also read your statistics for 'www.kgc.com' with URL: > http://localhost/awstats/awstats.pl?config=www.kgc.com # prompt the access path, enter in the address bar to see the log to visit the web page of the system Press ENTER to finish... # enter directly # check whether there is an awstats module in the Apache configuration file: [root@localhost tools] # cd / etc/httpd/conf [root@localhost conf] # vim httpd.conf# press the capital G to the last line, you can see the newly added awstats content, as follows: # pay attention to the need to modify permissions! Alias / awstatsclasses "/ usr/local/awstats/wwwroot/classes/" Alias / awstatscss "/ usr/local/awstats/wwwroot/css/" Alias / awstatsicons "/ usr/local/awstats/wwwroot/icon/" ScriptAlias / awstats/ "/ usr/local/awstats/wwwroot/cgi-bin/" # # This is to permit URL access to scripts/files in AWStats directory.# Options None AllowOverride None# Order allow Deny this line needs to be commented out # Allow from all this line needs to be commented out Require all granted # add this line Allow everyone to access # modify and press Esc to exit the insert mode, enter: wq save exit [root@localhost conf] # cd / etc/awstats/ [root@localhost awstats] # lsawstats.www.kgc.com.conf [root@localhost awstats] # vim awstats.www.kgc.com.confLogFile= "/ var/log/httpd/access_log" # 50 line, change to the location of the access_log log file to be monitored DirData= "/ var/lib/awstats" # 220 line The data storage location of the analysis log does not exist by default. You need to create # modify and press Esc to exit the insertion mode. Enter: wq save exit [root@localhost awstats] # lcd / var/lib/ [root@localhost lib] # lsAccountsService alsa alternative authconfig bluetooth certmonger chrony color colord dav. The following omits many items # No awstats file at this time, you need to manually create [root@localhost lib] # mkdir awstats [root@localhost awstats] # systemctl restart httpd # restart service verification: enter the following URL in the browser address bar of win 7-1 to access the Awstats web page: http://localhost/awstats/awstats.pl?config=www.kgc.com, but the visit is not counted at this time, you need to use the second tool

[root@localhost awstats] # cd / usr/local/awstats/ [root@localhost awstats] # cd tools/ [root@localhost tools] #. / awstats_updateall.pl now # Update data Running'"/ usr/local/awstats/wwwroot/cgi-bin/awstats.pl"-update-config=www.kgc.com-configdir= "/ etc/awstats"'to update config www.kgc.comCreate/Update database for config "/ etc/awstats/awstats.www.kgc.com.conf" by AWStats Version 7.6 (build 20161204) From data in log file "/ var/log/httpd/access_log"... Phase 1: First bypass old records Searching new record...Searching new records from beginning of log file...Phase 2: Now process new records (Flush history on disk after 20000 hosts)... Jumped lines in file: 0Parsed lines in file: 43 Found 0 dropped records, Found 0 comments, Found 0 blank records, Found 0 corrupted records, Found 0 old records, Found 43 new qualified records. At this point, the data of statistical analysis will change:

Automatically update data through scheduled tasks: because every time you want to see the latest log statistics, you have to execute a script to update the data, which we can optimize using periodic scheduling tasks: [root@localhost tools] # crontab-estranged beat 5 * / usr/local/awstats/tools/awstats_updateall.pl now # update every 5 minutes # after inserting content, press Esc to exit insert mode Enter: wq save exit crontab: installing new crontab# will prompt for a new scheduled task [root@localhost tools] # systemctl start crond you have email optimization web address in / var/spool/mail/root: because the length of the url address is too long, we can optimize this here: [root@localhost tools] # cd / var/www/html [root@localhost html] # vim aws.html # press Esc to exit insert mode after inserting the content Enter: wq save exit verification: enter: http://www.kgc.com/aws.html in the browser address bar in win 7-1 to directly access the Awstats log analysis web page

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report