-
-
Save soheilpro/a34957550b1bd7d42be2 to your computer and use it in GitHub Desktop.
| goaccess -f u_ex150629.log --log-format "$(cat u_ex150629.log | ./goiisformat.sh)" --date-format '%Y-%m-%d' --time-format '%H:%M:%S' |
| #!/usr/bin/env sh | |
| while read line; do | |
| if [[ $line == \#Fields:* ]]; then | |
| line=${line/\#Fields: /} | |
| line=${line/date/%d} | |
| line=${line/time/%t} | |
| line=${line/s-sitename/%^} | |
| line=${line/s-computername/%^} | |
| line=${line/s-ip/%^} | |
| line=${line/cs-method/%m} | |
| line=${line/cs-uri-stem/%U} | |
| line=${line/cs-uri-query/%^} | |
| line=${line/s-port/%^} | |
| line=${line/cs-username/%^} | |
| line=${line/c-ip/%h} | |
| line=${line/cs-version/%H} | |
| line=${line/cs(User-Agent)/%u} | |
| line=${line/cs(Cookie)/%^} | |
| line=${line/cs(Referer)/%R} | |
| line=${line/cs-host/%^} | |
| line=${line/sc-status/%s} | |
| line=${line/sc-substatus/%^} | |
| line=${line/sc-win32-status/%^} | |
| line=${line/sc-bytes/%b} | |
| line=${line/cs-bytes/%^} | |
| line=${line/time-taken/%L} | |
| echo $line | |
| exit; | |
| fi | |
| done |
another example for anyone
goaccess u_ex191124.log --log-format '%d %t %^ %m %r - %^ - %h %u %s %^ %T' --date-format '%Y-%m-%d' --time-format '%H:%M:%S'
I am facing an error src/parser.c - read_log - 3297
Can anyone help me to pass the iis logs ,Please its urgent...
My 2 cents
goaccess --log-format '%d %t %^ %v %^ %m %U %q %^ %e %h %^ %u %R %^ %s %^ %^ %b %^ %L' --date-format '%Y-%m-%d' --time-format '%H:%M:%S' -o stats.html -f *.log
for the following header
date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
small optimization. only get first 15 lines to avoid cat a large log file
--log-format "$(head -15 mylogfile.txt| ./goiisformat.sh)"
also I wanted the query string to used this:
#!/usr/bin/env sh
while read line; do
if [[ $line == \#Fields:* ]]; then
line=${line/\#Fields: /}
line=${line/date/%d}
line=${line/time/%t}
line=${line/s-sitename/%^}
line=${line/cs-method/%m}
line=${line/cs-uri-stem/%U}
line=${line/cs-uri-query/%q}
line=${line/s-port/%^}
line=${line/cs-username/%^}
line=${line/c-ip/%h}
line=${line/cs(User-Agent)/%u}
line=${line/cs(Cookie)/%^}
line=${line/cs(Referer)/%R}
line=${line/cs-host/%^}
line=${line/sc-status/%s}
line=${line/sc-substatus/%^}
line=${line/sc-win32-status/%^}
line=${line/sc-bytes/%b}
line=${line/cs-bytes/%^}
line=${line/time-taken/%L}
echo $line
exit;
fi
done
I've just been asked to analyze some old IIS log files. The web server, an IIS v. 6 was configured to log using the W3C extended format.
I ended up using goaccess like this:
goaccess -f all.log --log-format '%d %t %^ %^ %m %U %^ %^ %^ %h %u %s %^ %^' --date-format '%Y-%m-%d' --time-format '%H:%M:%S'