From: Hans Steinraht (hsteinraht~AT~openlot.com)
Date: Tue Jul 01 2003 - 16:12:26 CEST
Hi,
I installed analog on a debian machine with iptables
When I run it like: fwanalog -c /etc/fwanalog/fwanalog.opts
Fwanalog gives the following message:
Analog found 7560 corrupt lines. Please consider sending
/var/log/fwanalog/test/analog.err to balazs~AT~tud.at
so the author is able to fix the problem.
At the end of analog.err it says:
analog: Warning L: Large number of corrupt lines in logfile
/var/log/fwanalog/test/fwanalog.all.log: turn debugging on or try
different
LOGFORMAT
Current logfile format:
%S %j %j [%d/%M/%Y:%h:%n:%j] "%j%w%r%wHTTP%j" %c %b "%f" "%B"\n
%S %j %j [%d/%M/%Y:%h:%n:%j] "%j%w%r" %c %b "%f" "%B"\n
%S %j %j [%d/%M/%Y:%h:%n:%j] "%r" %c %b "%f" "%B"\n
analog: Warning R: Turning off empty time reports analog: Warning R: Turning off empty Request Report analog: Warning R: Turning off empty File Type Report analog: Warning R: Turning off empty Directory Report analog: Warning R: Turning off empty Domain Report analog: Warning R: Turning off empty Organisation Report analog: Warning R: Turning off empty Search Word Report analog: Warning R: Turning off empty Operating System Report analog: Warning R: Turning off empty File Size Report analog: Warning R: Turning off empty Status Code Report
The logformat is set in fwanalog.opts to "iptables" but it looks like
fwanalog is not picking this up.
I tried to change it to a different format but nothing happens.
Does anyone has any ideas about this.
thanks
Hans
-- _________________________ Hans Steinraht Openlot Wibautstraat 3 1091 GH Amsterdam The Netherlands hsteinraht~AT~openlot.com Phone: +3120 596 1840 Fax: +3120 596 3162 www.openlot.com _________________________
This archive was generated by hypermail 2.1.5 : Tue Jul 01 2003 - 17:22:02 CEST