Difference between revisions of "Logfile Analysis"

From Forensics Wiki
m
(Windows)
 
(12 intermediate revisions by 3 users not shown)
Line 1: Line 1:
Web logfile analytics software can process a log file and print a clever report. Normally this software is used by organizations that want to know how their website is doing, but it can also be used for network forensic analysis of logfiles.
+
{{expand}}
 +
 
 +
Log files are used to maintain a record of activities, e.g. activities of the operating system, certain applications, etc.
 +
 
 +
Log files come in various formats, in general these formats can be divided in the following categories:
 +
* Binary formats
 +
* Text-based formats
 +
* in-database
 +
 
 +
== Binary formats ==
 +
* [[Windows Event Log (EVT)]]
 +
* [[Windows XML Event Log (EVTX)]]
 +
 
 +
== Text-based formats ==
 +
* [http://httpd.apache.org/docs/1.3/logs.html#accesslog Apache HTTP Server access log format]
 +
 
 +
== Tools ==
 +
 
 +
=== Windows ===
 +
; Log Parser 2.2
 +
: http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en
 +
: From Microsoft, claims to parse a variety of log files, including XML and CSV, as well as Windows Event Log, Registry, and Active Directory
 +
: Also see: Microsoft Log Parser Toolkit, by Gabriele Giuseppini, Mark Burnett, ISBN: 1-93226-652-6
 +
 
 +
=== Web Logfile Analytics ===
 +
Web logfile analytics software can process a log file and print a report. Normally this software is used by organizations that host the website. It can also be used for analysis of webserver logfiles.
  
 
; Analog  
 
; Analog  
 
: http://www.analog.cx/
 
: http://www.analog.cx/
: Claims to be 'the most popular logfile analyser in the world'
+
: Claims to be ''"the most popular logfile analyser in the world"''
  
 
; Webalizer
 
; Webalizer
 
: http://www.mrunix.net/webalizer/
 
: http://www.mrunix.net/webalizer/
: "A fast, free web server log file analysis program"
+
: ''"A fast, free web server log file analysis program"''
  
; phpmyVisites
+
; phpMyVisites
 
: http://www.phpmyvisites.us/
 
: http://www.phpmyvisites.us/
 
: New "clicks heatmap" shows where people are clicking on your website; depends on JavaScript. (on the other hand, doesn't need access to your logfiles)
 
: New "clicks heatmap" shows where people are clicking on your website; depends on JavaScript. (on the other hand, doesn't need access to your logfiles)
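Review bot: The category list added at the top names three kinds of log format (binary, text-based, in-database), but only "Binary formats" and "Text-based formats" get sections below, so "in-database" is left with no example or link; add a section for it or drop the bullet until there is content. The same bullet is lowercase while the other two are capitalised, and the sentence that introduces the list is a comma splice ("...various formats, in general these formats...") that should be split after "formats". The Apache access log link points into the 1.3 documentation tree (httpd.apache.org/docs/1.3/), so it is worth confirming that this is the version the article means to reference.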
Line 15: Line 40:
 
; AWStats
 
; AWStats
 
: http://awstats.sourceforge.net/
 
: http://awstats.sourceforge.net/
: "Free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically."
+
: ''"Free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically."''
  
 
; JasperReports
 
; JasperReports
; http://jasperforge.org/sf/projects/jasperreports
+
: http://jasperforge.org/sf/projects/jasperreports
 
: Java reporting tool.
 
: Java reporting tool.
  
 
; Open Web Analytics
 
; Open Web Analytics
 
: http://wiki.openwebanalytics.com/index.php?title=Main_Page
 
: http://wiki.openwebanalytics.com/index.php?title=Main_Page
: "an open source web analytics framework written in PHP"
+
: ''"An open source web analytics framework written in PHP."''
  
 
; Breadboard BI Web Analytics
 
; Breadboard BI Web Analytics
 
: http://sourceforge.net/projects/web-analytics/
 
: http://sourceforge.net/projects/web-analytics/
: "uses open source tools to collect and distribute web analytics data."
+
: ''"Uses open source tools to collect and distribute web analytics data."''
 +
 
 +
[[Category:Analysis]]
 +
[[Category:Tools]]
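Review bot: In the Open Web Analytics and Breadboard BI Web Analytics entries the text inside the quotation marks was altered (initial capital added in both, and a full stop added after "written in PHP"), which changes what is presented as a verbatim project tagline; keep the quoted wording as the source has it and apply only the italic markup, as was done for Webalizer and AWStats. The JasperReports entry still reads only "Java reporting tool." and gives no indication of how it is used for logfile analysis, so a short clause on that would fit this section.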

Latest revision as of 00:47, 11 August 2012

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Log files are used to maintain a record of activities, e.g. activities of the operating system, certain applications, etc.

Log files come in various formats; in general, these formats can be divided into the following categories:

  • Binary formats
  • Text-based formats
  • In-database

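Binary formats

  • Windows Event Log (EVT)
  • Windows XML Event Log (EVTX)

Text-based formats

  • Apache HTTP Server access log format (http://httpd.apache.org/docs/1.3/logs.html#accesslog)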

Tools

Windows

Log Parser 2.2
http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en
From Microsoft, claims to parse a variety of log files, including XML and CSV, as well as Windows Event Log, Registry, and Active Directory
Also see: Microsoft Log Parser Toolkit, by Gabriele Giuseppini, Mark Burnett, ISBN: 1-93226-652-6

Web Logfile Analytics

Web logfile analytics software can process a log file and print a report. Normally this software is used by organizations that host the website. It can also be used for analysis of webserver logfiles.

Analog
http://www.analog.cx/
Claims to be "the most popular logfile analyser in the world"

Webalizer
http://www.mrunix.net/webalizer/
"A fast, free web server log file analysis program"

phpMyVisites
http://www.phpmyvisites.us/
New "clicks heatmap" shows where people are clicking on your website. It depends on JavaScript (on the other hand, it doesn't need access to your logfiles).

AWStats
http://awstats.sourceforge.net/
"Free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically."

JasperReports
http://jasperforge.org/sf/projects/jasperreports
Java reporting tool.

Open Web Analytics
http://wiki.openwebanalytics.com/index.php?title=Main_Page
"An open source web analytics framework written in PHP."

Breadboard BI Web Analytics
http://sourceforge.net/projects/web-analytics/
"Uses open source tools to collect and distribute web analytics data."