Teaching:TUW - UE InfoVis WS 2005/06 - Gruppe G3 - Aufgabe 3

From InfoVis:Wiki
Jump to navigation Jump to search

Topic: Webserver Logfile Visualization

Application Area Analysis

Dataset Analysis

The Common Logfile Format

According to the World Wide Web Consortium the Common Logfile Format is as follows: 

   remotehost rfc931 authuser [date] "request" status bytes

remotehost: Remote hostname (or IP number if DNS hostname is not available, or if DNSLookup is Off.

rfc931: The remote logname of the user.

authuser: The username as which the user has authenticated himself.

[date]: Date and time of the request.

"request": The request line exactly as it came from the client.

status: The HTTP Status Code returned to the client.

bytes: The content-length of the document transferred. [1][W3C]

Project Example Data

The example data our group is using the Combined Logfile Format (describtion taken from [3][Apa], which adds two further Positions:

Referer: This gives the site that the client reports having been referred from

Agent: The User-Agent HTTP request header. This is the identifying information that the client browser reports about itself.

One entry in the logfile looks as follows: 

  128.131.167.8 - - [16/Oct/2005:09:56:22 +0200] "GET /skins/monobook/external.png HTTP/1.1" 200 1178 "http://www.infovis-wiki.net/index.php/Main_Page" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"

remotehost: 128.131.167.8

rfc931: -

authuser: -

[date]: [16/Oct/2005:09:56:22 +0200]

"request": "GET /skins/monobook/external.png HTTP/1.1"

status: 200

bytes: 1178

Referer: "http://www.infovis-wiki.net/index.php/Main_Page"

Agent: "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"

The whole example Data File can be downloaded here.

Datatypes

Target Group Analysis

Aim of the Visualization

The Goals of Visualization

Visualization of logsfile is intended to

  • alert you to suspicious activity that requires further investigation
  • determine the extent of an intruder's activity (if anything has been added, deleted, modified, lost, or stolen)
  • help you recover your systems
  • provide information required for legal proceedings
  • draw conclusions about the popularity and/or usability of certain pages or areas of the site.

Designproposal

References

[1][W3C] World Wide Web Consortium, Logging Control In W3C httpd. Created at: July, 1995. Retrieved at: November 16, 2005. http://www.w3.org/Daemon/User/Config/Logging.html#common-logfile-format.

[2][Apa] The Apache Software Foundation, Apache HTTP Server: Log files. Retrieved at: November 16, 2005. http://httpd.apache.org/docs/1.3/logs.html

Retrieved from "https://infovis-wiki.net/w/index.php?title=Teaching:TUW_-_UE_InfoVis_WS_2005/06_-_Gruppe_G3_-_Aufgabe_3&oldid=7997"