
Difference between revisions of "Logfile Analysis"

From ForensicsWiki
m (New page: Web logfile analytics software can process a log file and print a clever report. Normally this software is used by organizations that want to know how their website is doing, but it can al...)
 
(Windows)
 
(14 intermediate revisions by 3 users not shown)
Line 1: Line 1:
Web logfile analytics software can process a log file and print a clever report. Normally this software is used by organizations that want to know how their website is doing, but it can also be used for network forensic analysis of logfiles.
+
{{expand}}
 +
 
 +
Log files are used to maintain a record of activities, e.g. activities of the operating system, certain applications, etc.
 +
 
 +
Log files come in various formats, in general these formats can be divided in the following categories:
 +
* Binary formats
 +
* Text-based formats
 +
* in-database
 +
 
 +
== Binary formats ==
 +
* [[Windows Event Log (EVT)]]
 +
* [[Windows XML Event Log (EVTX)]]
 +
 
 +
== Text-based formats ==
 +
* [http://httpd.apache.org/docs/1.3/logs.html#accesslog Apache HTTP Server access log format]
 +
 
 +
== Tools ==
 +
 
 +
=== Windows ===
 +
; Log Parser 2.2
 +
: http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en
 +
: From Microsoft, claims to parse a variety of log files, including XML and CSV, as well as Windows Event Log, Registry, and Active Directory
 +
: Also see: Microsoft Log Parser Toolkit, by Gabriele Giuseppini, Mark Burnett, ISBN: 1-93226-652-6
 +
 
 +
=== Web Logfile Analytics ===
 +
Web logfile analytics software can process a log file and print a report. Normally this software is used by organizations that host the website. It can also be used for analysis of webserver logfiles.
  
 
; Analog  
 
; Analog  
 
: http://www.analog.cx/
 
: http://www.analog.cx/
: Claims to be 'the most popular logfile analyser in the world'
+
: Claims to be ''"the most popular logfile analyser in the world"''
  
 
; Webalizer
 
; Webalizer
 
: http://www.mrunix.net/webalizer/
 
: http://www.mrunix.net/webalizer/
: "A fast, free web server log file analysis program"
+
: ''"A fast, free web server log file analysis program"''
  
; phpmyVisites
+
; phpMyVisites
 
: http://www.phpmyvisites.us/
 
: http://www.phpmyvisites.us/
 
: New "clicks heatmap" shows where people are clicking on your website; depends on JavaScript. (on the other hand, doesn't need access to your logfiles)
 
: New "clicks heatmap" shows where people are clicking on your website; depends on JavaScript. (on the other hand, doesn't need access to your logfiles)
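Review bot: the added category list ends with "* in-database", which is lower-case and drops the word "formats" used by the two items above it, and the revision adds "== Binary formats ==" and "== Text-based formats ==" sections but no section for this third category. Suggest "* In-database formats" plus a matching section, even if it is only marked for expansion, so a reader can tell which log stores are meant. The added sentence "Log files come in various formats, in general these formats can be divided in ..." is also a comma splice; split it after "formats" and use "divided into".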
Line 15: Line 40:
 
; AWStats
 
; AWStats
 
: http://awstats.sourceforge.net/
 
: http://awstats.sourceforge.net/
: "Free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically."
+
: ''"Free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically."''
  
 
; JasperReports
 
; JasperReports
; http://jasperforge.org/sf/projects/jasperreports
+
: http://jasperforge.org/sf/projects/jasperreports
 
: Java reporting tool.
 
: Java reporting tool.
 +
 +
; Open Web Analytics
 +
: http://wiki.openwebanalytics.com/index.php?title=Main_Page
 +
: ''"An open source web analytics framework written in PHP."''
 +
 +
; Breadboard BI Web Analytics
 +
: http://sourceforge.net/projects/web-analytics/
 +
: ''"Uses open source tools to collect and distribute web analytics data."''
 +
 +
[[Category:Analysis]]
 +
[[Category:Tools]]
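Review bot: the two entries added at the end of the tool list, Open Web Analytics and Breadboard BI Web Analytics, are filed under "Web Logfile Analytics", but their quoted descriptions only say "web analytics" and do not say whether the tool reads web server logfiles. The phpMyVisites entry earlier on the page states this explicitly ("doesn't need access to your logfiles"); suggest adding the same kind of remark to each new entry, and to "Java reporting tool." under JasperReports, so a reader doing logfile analysis knows whether the tool applies.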

Latest revision as of 05:47, 11 August 2012


Log files are used to maintain a record of activities, e.g. activities of the operating system, certain applications, etc.

Log files come in various formats. In general, these formats can be divided into the following categories:

  • Binary formats
  • Text-based formats
  • in-database

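Binary formats

  • Windows Event Log (EVT)
  • Windows XML Event Log (EVTX)

Text-based formats

  • Apache HTTP Server access log format (http://httpd.apache.org/docs/1.3/logs.html#accesslog)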

Tools

Windows

Log Parser 2.2
http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en
From Microsoft, claims to parse a variety of log files, including XML and CSV, as well as Windows Event Log, Registry, and Active Directory
Also see: Microsoft Log Parser Toolkit, by Gabriele Giuseppini, Mark Burnett, ISBN: 1-93226-652-6

Web Logfile Analytics

Web logfile analytics software can process a log file and print a report. Normally this software is used by organizations that host the website. It can also be used for analysis of webserver logfiles.

Analog
http://www.analog.cx/
Claims to be "the most popular logfile analyser in the world"

Webalizer
http://www.mrunix.net/webalizer/
"A fast, free web server log file analysis program"

phpMyVisites
http://www.phpmyvisites.us/
New "clicks heatmap" shows where people are clicking on your website; depends on JavaScript (on the other hand, it doesn't need access to your logfiles).

AWStats
http://awstats.sourceforge.net/
"Free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically."

JasperReports
http://jasperforge.org/sf/projects/jasperreports
Java reporting tool.

Open Web Analytics
http://wiki.openwebanalytics.com/index.php?title=Main_Page
"An open source web analytics framework written in PHP."

Breadboard BI Web Analytics
http://sourceforge.net/projects/web-analytics/
"Uses open source tools to collect and distribute web analytics data."