Applies To:

Show Versions Show Versions

Manual Chapter: Specifying Log Formats for Hit Logs
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

14 
Many sites perform traffic analysis against the HTTP log files that their web servers generate. The WebAccelerator system creates logs, called hit logs, that contain the same sort of information that origin web servers create in their HTTP log files.
For user-defined acceleration policies, you can tailor the information that appears in the WebAccelerator systems hit logs so that they work seamlessly with whatever analysis tools you use for your origin web servers HTTP log files. Through the WebAccelerator systems logging feature, you can specify the type of information included in hit logs, as well as the format in which the WebAccelerator system should log that information. You can log HTTP and HTTPS requests together or log them separately, selecting different logging options for each. Further, you can create a customized logging format if you do not want to use the supplied standard formats.
Note: You cannot enable logging for pre-defined acceleration policies; you can only enable logging on user-defined acceleration policies. For information about how to create a user-defined acceleration policy, see Creating user-defined acceleration policies.
<application> is the name of the application, for which you are viewing the log file.
<type> indicates the type of protocol logged. An i indicates HTTP protocol and an s indicates HTTPS protocol.
Note that you can configure the WebAccelerator system to log both HTTP and HTTPS separately, or together in the same log file. For example, <type> could indicate either i or s, or i and s.
<version number> is the version number of the log file.
The lines that appear at the top of a log file are called, log headers. You can use log headers to identify the type and order of the information written to each line in the log file. Some log analysis software also uses log headers to determine how to parse a log file. The three common conventions for log headers are:
No header line
Apache web servers use this option. By default, Apache web servers write access logs in a format that is identical to the NCSA Common format.
NCSA Common or Combined headers
Netscape® servers, and their descendants (such as the iPlanet Enterprise Server) write a log header line that is unique to these family of servers. These servers generally use either the NCSA Common or Combined log format and the log header lines are comprised of keywords. For example:
W3C headers
Most Microsoft® Internet Information Services (IIS) web servers write log files in the extended log file format, which are defined by a W3C working draft. For more information, see http://www.w3.org/TR/WD-logfile.html.
The pre-defined log format options on the WebAccelerator system represent a collection of logging information that is commonly used by origin web servers and consists of:
host rfc931 username [date:time UTC_offset] "method URI?query_parameters protocol" status bytes
125.125.125.2 - - [10/Oct/2002:23:44:03 -0600]
"GET /apps/example.jsp?sessionID=34h76 HTTP/1.1" 200 3045
host rfc931 username [date:time UTC_offset] "method URI?query_parameters protocol" status bytes "referrer" "user_agent" "cookie"
125.125.125.2 - - [23/Oct/2002:23:44:03 -0600]
"GET /apps/example.jsp?sessionID=34h76 HTTP/1.1" 200 3045
"http://www.siterequest.com" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "UserID=ssarette;Category=PDA;Selection=Various"
date time rfc931 username host method URI query_parameters status bytes request_length time_taken protocol user_agent cookie referrer
2002-10-23 23:44:03 205.47.62.112 - 125.125.125.2 GET /apps/example.jsp sessionID=34h76 200 3045 124 138 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0 UserID=ssarette;Category=PDA;Selection=Various http://www.siterequest.com
1.
On the Main tab of the navigation pane, expand WebAccelerator and click Applications.
The Applications screen opens in a new window.
2.
On the Main tab of the navigation pane in the new window, click Policies.
The Policies screen opens, displaying a table of user-defined and pre-defined acceleration policies.
3.
On the User-defined Acceleration Policies table, click the Logging link next to the acceleration policy for which you want to configuring logging.
4.
If you want the WebAccelerator system to create individual logs for the HTTP and HTTPS protocols, check the box for Log HTTP and HTTPS requests separately in the What to Log area.
The screen refreshes with additional HTTP Log options.
6.
If you select Log all transactions, or Only log transactions served from cache, then select a format for the HTTP logs from the Log Format list.
7.
In the HTTPS Log area (available only if you are logging HTTP and HTTPS separately), click the button next to the following options as required:
8.
If you select Log all transactions, or Only log transactions served from cache, then select a format for the HTTPS logs from the Log Format list.
9.
Click the Save button.
If you require information that is not included in the pre-defined log formats, the WebAccelerator system provides you with an option to create customized log formats.
1.
On the Main tab of the navigation pane, expand WebAccelerator and click Applications.
The Applications screen opens in a new window.
2.
On the Main tab of the navigation pane in the new window, click Policies.
The Policies screen opens, displaying a table of user-defined and pre-defined acceleration policies.
3.
On the User-defined Acceleration Policies table, click the Logging link next to the acceleration policy for which you want to configuring logging.
4.
If you want the WebAccelerator system to create individual logs for the HTTP and HTTPS protocols, check the box for Log HTTP and HTTPS requests separately in the What to Log area.
The screen refreshes with additional HTTP Log options.
5.
In the Logs area (or HTTP Logs area, if you are logging HTTP and HTTPS separately), click the button next to the following options as required:
If you select Log all transactions or Only log transactions served from cache, the screen refreshes, displaying additional options.
If you select Do not log, skip to Step 7.
6.
From the Log Format list, select a format for the logs.
If you select a log format from the list, skip to Step 7.
Optionally, click the New button to create a create a new log format.
The New Log Format screen opens.
a)
In the Name box, type a descriptive name for the new log format that you are creating.
b)
From the Header Format Type list, select a format type.
c)
From the Format Text list, select a component, one at a time, and then click the Add button.
d)
Click the Preview button to view the a sample of the log format you created.
e)
Click the Save button to save the new log format. The Log Format screen refreshes, displaying the new log format in the Log Format list.
f)
From the Log Format list, select the log format that you created.
7.
In the HTTPS Log area (available only if you are logging HTTP and HTTPS separately), click the button next to the following options as required:
If you select Log all transactions or Only log transactions served from cache, the screen refreshes, displaying additional options. repeat Step 6.
8.
Click the Save button.
The Policies screen opens.
This section of the chapter provides information about how to configure an example customized log format. For this example, you want your hit logs to contain the following information:
Your origin web servers are all running Apache, so you want your log lines to follow the NCSA Common (No Header) formatting convention, as follows:
xxx.xxx.xxx.xxx [date:time UTC_offset] "Method uri?query_parameter HTTP_ver" response_status response_length
However, you want one to customize the NCSA Common (no header) log format to add an additional field that includes the origin web server host name and IP address.
To customize the NCSA Common (no header) log format with the origin web server information
1.
On the Main tab of the navigation pane, expand WebAccelerator and click Applications.
The Applications screen opens in a new window.
2.
On the Main tab of the navigation pane in the new window, click Policies.
The Policies screen opens, displaying a table of user-defined and pre-defined acceleration policies.
3.
On the User-defined Acceleration Policies table, locate the name of the acceleration policy for which you want to configure logging and click the associated Logging link in the Tools column.
The log format screen opens.
4.
In the Logs area, click the Log all transactions button.
5.
From the Log Format list, select NCSA Common (no header) and click the Edit button.
The edit log format screen opens.
6.
In the Name box, type a meaningful name for the log.
7.
From the Format Text list on the right side of the screen, select Hostname/IP of Origin Server and click the Add button.
The %B symbol appears in the Log Item Format box. Verify that there is a space before %B symbol in the Log Item Format box. If there is not, manually add a space.
8.
Click the Save button.
The log format screen opens.
9.
From the Log Format menu, select the new log format that you created.
10.
Click the Save button.

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)