Memo of using analog to measure website traffic

July 6th, 2012 by xrigher Leave a reply »

A sudden heavy load was detected on our server. On this server the only public service is https which serves a few websites. I check the auth logs and didn’t find anything abnormal. So I wonder it’s some sudden heavy requests were thrown on the apache server. I have never used any web log analyzer before, and googled a little and found analog should do the job for me. Here is just a memo of what I did today.

Install the analog package

On a debian/ubuntu server, one can easily install analog by:
#> (sudo) apt-get install analog
On windows, one can simply download the latest binary package, extract it, and then use it.

Basics of analog

Analog is a program that is used to analyze the apache logs and show the statics that may interest you.

To use analog, you need to provide it a config file, telling it where the logs are, and where to output the results, and what things should be in the results. The default config file in debian (if you install it by “apt-get”) will be /etc/analog.cfg. You can edit the file and then run analog without any parameter. Here is an example:

<VirtualHost 212.87.82.24>
# tell analog where the log file is
LOGFILE /var/log/apache2/access.log
# tell analog where and the format to output the result
OUTFILE /home/me/host.stat.html
# the name of the host. this will be part of the title of the report.
HOSTNAME "ONTILES.COM"
# the link of the host.
HOSTURL "http://www.ontiles.com/"
# analog use some simple images to show the bars or to make the report more friendly. If you installed analog by "apt-get", there are under "/usr/share/analog/images/"; if you installed analog by download the binary package, the images directory is under the extracted root directory.
IMAGEDIR "/usr/share/analog/images/"

How to use a different config file and how to analyse more than one website

see this great article HOW-TO Use Analog for Virtual Hosts (Using Separate Logfiles)

How to show different sections or columns

analog can show the report by hourly, daily, monthly or yearly. Each can be a section in the report. And in each section, you can choose what things to show. Refer to http://www.analog.cx/docs/timereps.html & http://www.analog.cx/docs/othreps.html to see the things you can show.

One can find the detail document here: http://www.analog.cx/docs/Readme.html

Advertisement

Leave a Reply