Teaching:TUW - UE InfoVis WS 2005/06 - Gruppe G3 - Aufgabe 3
Topic: Webserver Logfile Visualization
Application Area Analysis
Dataset Analysis
The Common Logfile Format
According to the World Wide Web Consortium the Common Logfile Format is as follows:
remotehost rfc931 authuser [date] "request" status bytes
remotehost: Remote hostname (or IP number if DNS hostname is not available, or if DNSLookup is Off.
rfc931: The remote logname of the user.
authuser: The username as which the user has authenticated himself.
[date]: Date and time of the request.
"request": The request line exactly as it came from the client.
status: The HTTP Status Code returned to the client.
bytes: The content-length of the document transferred. [1][W3C]
Combined Logfile Format
The example data our group was given is using the Combined Logfile Format, which adds two further Positions to the Common Logfile Format (see [2][Apa]):
Referer: This gives the site that the client reports having been referred from
Agent: The User-Agent HTTP request header. This is the identifying information that the client browser reports about itself.
One entry in the logfile looks as follows:
128.131.167.8 - - [16/Oct/2005:09:56:22 +0200] "GET /skins/monobook/external.png HTTP/1.1"
200 1178 "http://www.infovis-wiki.net/index.php/Main_Page" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.0)"
remotehost: 128.131.167.8
rfc931: -
authuser: -
[date]: [16/Oct/2005:09:56:22 +0200]
"request": "GET /skins/monobook/external.png HTTP/1.1"
status: 200
bytes: 1178
Referer: "http://www.infovis-wiki.net/index.php/Main_Page"
Agent: "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
The whole example data file can be downloaded here.
Datatypes
Target Group Analysis
Target Group of Visualization
The usability of visualization in simulation includes visual processing in both static and dynamic form. The simulation database, the experiment process or its results are represented in a static form, e. g. as tables or diagrams. Also interaction with the simulation model and the direct manipulation of the model take place by using a graphical representation. The dynamic illustration of a process by animation makes it easier to understand complex issues. Therefore, the user interface and the visual aspect of our project will be developed and implemented using flash and XML. We think that, it will be better to understand for each user the predictable representations of given data by audio-visual design. 1- Administrators 2- Web users 3- Web designers 4- Advertising companies 5- Software companies (who developed browsers and web based applications)
Aim of the Visualization
The Goals of Visualization
Visualization of logsfile is intended to
- alert you to suspicious activity that requires further investigation
- determine the extent of an intruder's activity (if anything has been added, deleted, modified, lost, or stolen)
- help you recover your systems
- provide information required for legal proceedings
- draw conclusions about the popularity and/or usability of certain pages or areas of the site.
Designproposal
References
[1][W3C] World Wide Web Consortium, Logging Control In W3C httpd. Created at: July, 1995. Retrieved at: November 16, 2005. http://www.w3.org/Daemon/User/Config/Logging.html#common-logfile-format.
[2][Apa] The Apache Software Foundation, Apache HTTP Server: Log files. Retrieved at: November 16, 2005. http://httpd.apache.org/docs/1.3/logs.html