This is a description of the inexpensive methods I devised to extract and tally records of interest in order to analyze webserver logfiles for potential security problems, compromise attempts, while also obtaining IP address statistics. The tools= used are the Unix fgrep utility and Analog, the freely distributed logfile analysis tool for multiple platforms. These techniques can easily be adapted to the logfiles produced by almost any platform and use other text extraction utilities than fgrep. If implemented on another site, the adaptation process will require some analysis of the logfiles of a given site as well as additional customization to eliminate 'false positives' without the introduction of 'false negatives.'
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
