Web Analysis Using Analog

Every web site needs a way to get accurate statitics—here's a freely available program to give you that information.
Monthly Text Report Configuration Files

I mail a monthly report of web stats to a few of my customers who aren't on-line and who have found the daily reports were too long to print and took too much time to edit. To solve the problem and save time, I created month-vhost.cfg files which create ASCII text format reports. The month-vhost.cfg files are used in conjunction with the individual configuration files described above. A sample month-vhost.cfg file is shown in Listing 4. To produce the monthly text reports, +a is used on the command line to designate ASCII output:

analog -G +gmonth-vhost1.cfg +gwidgets.cfg\
+Owidget.txt +a

Listing 4

Server Activity Configuration File

As I'm responsible for the entire system, it's important to have a review of the overall picture, including all our hosts. To accomplish this, I have a separate activity configuration file and run Analog once a day with a cron entry. The activity configuration file includes the log files for all hosts, and this requires giving extra information to Analog so it can format the results; otherwise, /index.html would be considered as belonging to one host. Commands in configuration files must be on one line. The LOGFILE command allows you to specify the name of the host corresponding to the log file (ignore line wrap):

LOGFILE /var/log/httpd/access_log
 http://main-isp.com/LOGFILE /var/log/httpd/vhost1.com-access_log
 http://vhost1.com
Keeping Information Private

Our daily reports are published on the Web, so I prefer to keep cgi-bin information confidential. A daily webmaster e-mail report (described below) takes care of informing me of web-related exploits, so the information isn't required on the public reports. The cgi-bin directories and file names need to be aliased so that this information isn't available to the public. Analog can use output aliases to give control over how a file or directory is displayed within reports. This can be used to keep complete path and file names from the public, if desired. I use the following alias commands in my master.cfg files to translate cgi-bin path and file information to simply admin (ignore line wrap):

REQOUTPUTALIAS */cgi-bin/* "admin"
DIROUTPUTALIAS */cgi-bin/* "admin"
FAILOUTPUTALIAS */cgi-bin/* "admin"
FAILREFOUTPUTALIAS */cgi-bin/* "admin"
TYPEOUTPUTALIAS */cgi-bin/* "admin"
REFOUTPUTALIAS http://main-isp.com/cgi-bin/*  "admin"
REDIROUTPUTALIAS */cgi-bin/* "admin"

The last two items are used in Virtual Host master.cfg files, so we're still not giving away information on other local hosts in referral reports. If you want to be more specific, you could alias file names to match what they do, such as the following line (ignore wrap):

REQOUTPUTALIAS */cgi-bin/bannerpro.pl* "Banner Program"

Excluding Pages and Requests

I have a number of partial pages such as footers, sidebars and headers in a global directory that could cause Analog to inflate the request totals out of proportion. When you exclude information, it usually relates to the entire host, so it makes sense to use exclude commands in the master.cfg instead of in individual page or site configuration files. To exclude global directory accesses from being counted as requests, I use the command:

REQEXCLUDE */global/*

Partial web pages, such as header-and footer-type files, can also be excluded individually with the PAGEEXCLUDE command:

PAGEEXCLUDE */footer.html
or (for those who use PHP):
PAGEEXCLUDE */footer.php3

Daily Webmaster E-mail

I use a small script to receive a daily Webmaster report. This is basically the same as the Activity report, but it includes information that's excluded from the public version. When I read my e-mail in the morning, I can see the status of my system over the last 24 hours. The script runs from cron, and since Analog will send results to STDOUT if no outfile is listed, I use this to my advantage. The output becomes the body of the e-mail. A bare-basics webmaster.cfg file is included in Listing 5.

Listing 5

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix