Web Server Log File Samples - IIS and Apache

This section provides a quick introduction of Web server log files with examples of IIS and Apache servers.

Web Log File: A file produced by a Web server to record activities on the Web server. It usually has the following features:

1. IIS (Internet Information Service) Samples: Here are some sample records from an IIS server log file:

02:49:12 127.0.0.1 GET / 200
02:49:35 127.0.0.1 GET /index.html 200
03:01:06 127.0.0.1 GET /images/sponsered.gif 304
03:52:36 127.0.0.1 GET /search.php 200
04:17:03 127.0.0.1 GET /admin/style.css 200
05:04:54 127.0.0.1 GET /favicon.ico 404
05:38:07 127.0.0.1 GET /js/ads.js 200

The record format is very simple. It has fields for: time, client IP address, request command, requested file, and response status code.

2. Apache Samples: Here are some sample records from an Apache server log file:

192.168.198.92 - - [22/Dec/2002:23:08:37 -0400] "GET 
   / HTTP/1.1" 200 6394 www.yahoo.com 
   "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1...)" "-"
192.168.198.92 - - [22/Dec/2002:23:08:38 -0400] "GET 
   /images/logo.gif HTTP/1.1" 200 807 www.yahoo.com 
   "http://www.some.com/" "Mozilla/4.0 (compatible; MSIE 6...)" "-"
192.168.72.177 - - [22/Dec/2002:23:32:14 -0400] "GET 
   /news/sports.html HTTP/1.1" 200 3500 www.yahoo.com 
   "http://www.some.com/" "Mozilla/4.0 (compatible; MSIE ...)" "-"
192.168.72.177 - - [22/Dec/2002:23:32:14 -0400] "GET 
   /favicon.ico HTTP/1.1" 404 1997 www.yahoo.com 
   "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3)..." "-"
192.168.72.177 - - [22/Dec/2002:23:32:15 -0400] "GET 
   /style.css HTTP/1.1" 200 4138 www.yahoo.com 
   "http://www.yahoo.com/index.html" "Mozilla/5.0 (Windows..." "-"
192.168.72.177 - - [22/Dec/2002:23:32:16 -0400] "GET 
   /js/ads.js HTTP/1.1" 200 10229 www.yahoo.com 
   "http://www.search.com/index.html" "Mozilla/5.0 (Windows..." "-"
192.168.72.177 - - [22/Dec/2002:23:32:19 -0400] "GET 
   /search.php HTTP/1.1" 400 1997 www.yahoo.com 
   "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; ...)" "-"

The record format is more complex. The records are also very long. I am breaking them into multiple lines. Some fields are easy to understand, like client IP address, date and time, request command line, response status and size, referring URL, and browser name. I don't know what the other fields are.

Table of Contents

 About This Book

 Introduction to Microsoft Windows

 Introduction to Windows Explorer

 Introduction to Internet Explorer

 "Paint" Program and Computer Graphics

 GIMP - GNU Image Manipulation Program

 JPEG Image File Format Quality and Size

 GIF Image File Format and Transparent Background

 "WinZip" - ZIP File Compression Tool

 "WinRAR" - RAR and ZIP File Compression Tool

 FTP Server, Client and Commands

 "FileZilla" - Free FTP Client and Server

Web Server Log Files and Analysis Tool - "Analog"

Web Server Log File Samples - IIS and Apache

 Installing "Analog" - Web Log File Analysis Tool

 Configuring "Analog" to Process Log Files

 Processing Apache Log Files with "Analog"

 Spyware Adware Detection and Removal

 IE Addon Program Listing and Removal

 Vundo (VirtuMonde/VirtuMundo) - vtsts.dll Removal

 Trojan and Malware "Puper" Description and Removal

 VSToolbar (VSAdd-in.dll) - Description and Removal

 Spybot - Spyware Blocker, Detection and Removal

 Setting Up and Using Crossover Cable Network

 Home Network Gateway - DSL Modem/Wireless Router

 Windows Task Manager - The System Performance Tool

 "tasklist" Command Line Tool to List Process Information

 "msconfig" - System Configuration Tool

 Configuring and Managing System Services

 Windows Registry Key and Value Management Tools

 Startup Programs Removal for Better System Performance

 Winsock - Windows Sockets API

 Java on Windows

 Glossary of Terms

 Outdated Tutorials

 References

 PDF Printing Version