Hey Tom,
Thanks for using my extended format.
I've long ago abandoned awstats, but the format is based on the idea you
should be able to use it with tools like awstats out of the box. I do not know
if this still works, but if it does not, it's realtively simple to just cut
after the user-agent and end up with the original combined format (with the
socalled "logname" being replaced with the GEOIP country code - if you have
that configured; it's unfortunately not explained in the tutorials).
So I think you should get it to run one way or the other. If you do, please
report back.
Cheers,
Christian
On Wed, Jun 10, 2020 at 07:46:44PM +0000, Tom Misilo wrote:
> I was wondering if anyone has setup AWStats with the access log with a logformat similar to
> LogFormat "%h %{GEOIP_COUNTRY_CODE}e %u [%{%Y-%m-%d %H:%M:%S}t.%{usec_frac}t] \"%r\" %>s %b \
> \"%{Referer}i\" \"%{User-Agent}i\" \"%{Content-Type}i\" %{remote}p %v %A %p %R \
> %{BALANCER_WORKER_ROUTE}e %X \"%{cookie}n\" %{UNIQUE_ID}e %{SSL_PROTOCOL}x %{SSL_CIPHER}x \
> %I %O %{ratio}n%% %D %{ModSecTimeIn}e %{ApplicationTime}e %{ModSecTimeOut}e \
> %{ModSecAnomalyScoreInPLs}e %{ModSecAnomalyScoreOutPLs}e \
> %{ModSecAnomalyScoreIn}e %{ModSecAnomalyScoreOut}e" extended
>
> I had been following the tutorial located here https://www.netnea.com/cms/apache-tutorial-7_including-modsecurity-core-rules/ that had this recommended LogFormat.
>
>
> Thanks,
> Tom
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/
|
