Michael.Leung at networksolutions
Dec 2, 2008, 12:05 PM
Views: 404
Permalink
|
|
Convert IP to Domain Name - RE: Need help to retrieve reports
|
|
I just download logresolve.pl, and have tried it on one of the log
files. The following are what I copied from the first 2 rows:
<New>
146-115-44-11.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com - -
[01/Dec/2008:00:01:08 -0500] "GET
/domain-name-registration/domain-name-search-results.jsp?tab=searchagain
&isExplicitSearchAvailable=true HTTP/1.1" 200 75884
"https://www.networksolutions.com/domain-name-registration/domain-name-s
earch-results.jsp?tab=searchagain&isExplicitSearchAvailable=false"
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
"f0ba2ba19b877829cc31461428a75" "f0ea3ea131e95df8fd6c1e5054c3" "-"
axcend.com - - [01/Dec/2008:00:01:04 -0500] "GET
/manage-it/email-overview.jsp HTTP/1.1" 200 195889
"https://www.networksolutions.com/manage-it/private-registration-splash.
jsp" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR
2.0.50727; .NET CLR 1.1.4322)" "d306da4361cfeffffffffd5e77eca9c52bd5"
"f0e9ee75ac8dffffffff8f8047c7cbd7c43" "-"
<Original>
146.115.44.11 - - [01/Dec/2008:00:01:08 -0500] "GET
/domain-name-registration/domain-name-search-results.jsp?tab=searchagain
&isExplicitSearchAvailable=true HTTP/1.1" 200 75884
"https://www.networksolutions.com/domain-name-registration/domain-name-s
earch-results.jsp?tab=searchagain&isExplicitSearchAvailable=false"
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
"f0ba2ba19b877829cc31461428a75" "f0ea3ea131e95df8fd6c1e5054c3" "-"
125.17.144.210 - - [01/Dec/2008:00:01:04 -0500] "GET
/manage-it/email-overview.jsp HTTP/1.1" 200 195889
"https://www.networksolutions.com/manage-it/private-registration-splash.
jsp" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR
2.0.50727; .NET CLR 1.1.4322)" "d306da4361cfeffffffffd5e77eca9c52bd5"
"f0e9ee75ac8dffffffff8f8047c7cbd7c43" "-"
It looks like the first one was converted
Original New
146.115.44.11 146-115-44-11.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com
125.17.144.210 axcend.com
The second one seems right, but the first one looks a little odd to me.
Thanks
Michael
-----Original Message-----
From: analog-help-bounces[at]lists.meer.net
[mailto:analog-help-bounces[at]lists.meer.net] On Behalf Of Aengus
Sent: Tuesday, December 02, 2008 8:34 AM
To: Support for analog web log analyzer
Subject: Re: [analog-help] Need help to retrieve (and correct) reports
(needhelp on LOGFORMAT)
On 12/1/2008 8:42 PM, Edward Spodick wrote:
> Perform DNS processing on your log files - either letting Analog do it
with its slower code, or using a different tool to pre-process the
logfile before triggering Analog (see http://www.analog.cx/helpers/#dns
)
With 806393 requests in the logfile, using Analogs built-in lookups
wouldn't be the best idea. For learning about DNS lookups, a sample from
the logfile of a few hundred lines would be a better idea. For DNS
lookups on anything larger than that, you really need to use one of the
the DNS helper apps.
Aengus
+-----------------------------------------------------------------------
-
| TO UNSUBSCRIBE from this list:
| http://lists.meer.net/mailman/listinfo/analog-help
|
| Analog Documentation: http://analog.cx/docs/Readme.html
| List archives: http://www.analog.cx/docs/mailing.html#listarchives
| Usenet version: news://news.gmane.org/gmane.comp.web.analog.general
+-----------------------------------------------------------------------
-
+------------------------------------------------------------------------
| TO UNSUBSCRIBE from this list:
| http://lists.meer.net/mailman/listinfo/analog-help
|
| Analog Documentation: http://analog.cx/docs/Readme.html
| List archives: http://www.analog.cx/docs/mailing.html#listarchives
| Usenet version: news://news.gmane.org/gmane.comp.web.analog.general
+------------------------------------------------------------------------
|
Convert IP to Domain Name - RE: Need help to retrieve reports