access to the raw log files

[markf]

I don't know if this topic is any where else; I did search for this in the forum.

[tjj]

I think what you are looking for is posted on our WiKi at https://wiki.sonic.net/wiki/Webalizer_W ... rmation.3F

"Where does webalizer get its information?
Actually it's farmed straight out of the raw web logs (which you can check out at /var/log/httpd/username/ on shell.sonic.net or ftp.sonic.net). The raw logs should contain a variety of environment variables supplied to www.sonic.net when a browser requests a file from us, including HTTP_REFERRER.
source (IP or name)
destination domain (eg. sonic.net)
HTTP request (normally a "GET" followed by the URL of the file in question)
HTTP response code (normally 200 for a success)
file size (in bytes)
URL of the referring site (which is where Webalizer gets the search string)
Whatever the browser identifies itself as (eg. "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)")
Take all that information for every request regarding your site and you can get all kinds of data together, namely the webalizer stats."

[markf]

No, I am looking for the raw log files or I will have to make my own through a script. I have the log files in their raw format. For some reason when I tried the path you posted, using my user name it came back as not found.

/var/log/httpd/username/ works now.

[tjj]

Which log files are you looking for? All the raw log files should be in /var/log/httpd/username/ like I posted previously.

Edit: Glad to see that they are working for you now.

[markf]

Thanks for the path Tage. I have what I was looking for. The reason is I have set up a blog and also try to help prevent spam in a couple of forums. These files will help.

EDIT: Tage, this is why I wanted direct access. This is an owned machine that is looking for exploits to root or compromise other machines. I keep a list of these and like to keep that list updated.

The Server Intrusion Blacklist http://tcats.stop-spam.org/sibl/

210.51.44.41 209.204.149.10 - [07/Jan/2012:14:54:26 -0800] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:14:54:26 -0800] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:14:54:26 -0800] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:14:54:27 -0800] "GET /pma/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:14:54:28 -0800] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:14:54:28 -0800] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:15:14:07 -0800] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:15:14:07 -0800] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:15:14:08 -0800] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:15:14:08 -0800] "GET /pma/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:15:14:09 -0800] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"
210.51.44.41 209.204.149.10 - [07/Jan/2012:15:14:09 -0800] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 - "-" "ZmEu"