GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
RESLOG(1) User Contributed Perl Documentation RESLOG(1)

reslog - Reverse-resolve IP in Apache log files

 reslog [options] [logfile...]
 reslog [-h|-v]

reslog resolves IPs in Apache(8) log files. The result can then be analyzed by another program, like Analog. You can think of it as a replacement of the Apache(8) "HostNameLookups" directive, in the sense that it resolves client IPs altogether once a day.

Resolving takes long time. This is mainly caused by resolving: Network packets may be filtered by firewalls; DNS servers may not be correctly configured; may not be up working; may sit in slow network sections; may be old slow machines; may have traffic jam... etc. All these reasons are out of our control.

If it stops in the middle of its execution, as when the user hits a "Ctrl-Break", it may leave a temporary working file. The next time it runs, it will stop when it sees that temporary working file at the first sight. Please process that file first. You can resolve it again, just like an ordinary log file.

This prorgam needs temporary working space. Between memory and disk space, I choose disk space, since it is cheaper and may be available in more environments. However, this means that it needs free temporary disk space about 2 times of the size of the source log log file (10 times if using memory). Please make sure you have that much free space.

I suggest you to install File::MMagic(3) instead of counting on the file executable. The internal magic file of File::MMagic(3) seems to work better than the file(1) executable. reslog treats everything not gzip(1) nor bzip2(1) compressed as plain text. When a compressed log file is wrongly recognized as an image, reslog will treat it as plain text, read log records directly from it and fail. This failure does not hurt the source log files, but is still annoying.

logfile
The log file to be resolved. If not specified, it will read from "STDIN" and output to "STDOUT". You can also specify "-" to read from "STDIN". Multiple log files are supported. If one of these files are "STDIN", it will output to "STDOUT". gzip(1) or bzip2(1) compressed files are supported, too.
-k,--keep mode
What to keep in the source file. Currently the following modes are supported:
a,all
Keep the source file after records are resolved.
r,restart
Restart the source file after records are resolved.
d,delete
Delete the source file after records are resolved. This is the default.
-o,--override mode
Whether we should overwrite the existing resolved files. Currently the following modes are supported:
o,overwrite
Overwrite any existing target file.
a,append
Append the records to the existing target file.
f,fail
Stop processing whenever a target file exists, to prevent destroying any existing files by accident. This is the default.
-s,--suffix suf
The suffix to be appended to the output file. If not specified, the default is ".resolved".
-t,--trim-suffix suf
The suffix to be trimmed from the input file name before appending the above suffix. Default is none. If you are running several log file filters, this can help you trim the suffix of the previous one.
-n,--num-threads n
Number of threads to run simultaneously. The default is 10. Use 0 to disable threading. This option has no effect on systems that does not support threading.
-c, --stdout
Output the result to "STDOUT".
-d, --debug
Show the detailed debugging messages.
-q, --quiet
Shihhhhhh. Only yell when errors.
-h, --help
Display the help message and exit.
-v, --version
Output version information and exit.

3.11

Copyright (c) 2000-2007 imacat.

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

imacat <imacat@mail.imacat.idv.tw>.

You may visit reslog's website at: <http://reslog.sourceforge.net/>, <http://search.cpan.org/dist/reslog/> or <http://www.imacat.idv.tw/tech/reslog.html>.

reslog has a mailing list reslog-users@lists.sourceforge.net. If you have any question, comment, bug report, patch, please send it to the mailing list. You may join the mailing list at <https://lists.sourceforge.net/lists/listinfo/reslog-users>. Do not send mails directly to me unless you have private business with me. The mailing list has an archive. People having the same trouble as you may search the archive, find the answer and save a lot of time.

Multi-lingual support, with Traditional and Simplified Chinese messages.

Compress::Zlib(3), Compress::Bzip2(3), perlthrtut(1), gzip(1), zlib(3), bzip2(1).
2007-12-03 perl v5.32.1

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.