You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Melanie Pfefer <me...@yahoo.co.uk> on 2009/09/08 09:11:23 UTC

[users@httpd] audit logs

Hi,

Before I build a script, I would like to know if anybody thought of auditing the apache log so that it reports the logins of the users who tried to access a certain folder, regardless whether the access was successful (Http response 200) or not (401 and 304)

thanks


      


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] audit logs

Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.

On 08.09.09 07:11, Melanie Pfefer wrote:
> Before I build a script, I would like to know if anybody thought of
> auditing the apache log so that it reports the logins of the users who
> tried to access a certain folder, regardless whether the access was
> successful (Http response 200) or not (401 and 304)

401 does NOT mean usuccessfull attempt as you apparently mean it. 401
usually happens when the browser tries to access an object for the first
time, 401 means that client has to send auth infromations. When user gives
those informations (e.g. login and password), browser resubmits the request
witht he provbided informations.

304 also does not mean unsuccessfull request. It means successfull request,
but the client provided it has the same version of object cached, so server
responds wiht "304 not modified" so client can reuse the cached content.

(first) successfull request usually means two requests, first is refused
with 401, second request leads to 200 or 304.

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool. 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] audit logs

Posted by André Warnier <aw...@ice-sa.com>.

Melanie Pfefer wrote:
> Hi,
> 
> Before I build a script, I would like to know if anybody thought of auditing the apache log so that it reports the logins of the users who tried to access a certain folder, regardless whether the access was successful (Http response 200) or not (401 and 304)
> 
Not to discourage you, but before you build your own script, you may 
want to have a look at the following :

http://www.mrunix.net/webalizer/
http://awstats.sourceforge.net/


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org