Weird access logs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi there,

We're seeing some weird behaviour in our access logs. 

For around 13 minutes we see entries from requests received several minutes before it actually gets logged (the two timestamps on the same line are up to 13 minutes apart! ). 
The number to the far right is %D - the response time (microseconds)

Also, we're using big ip as a load balancer in front of this server, and the big ip health check considers this apache as down during this timeframe. 

BTW, in total there are exactly 200 weird entries like this. Are we hitting some crazy default?

What could be going on?

Cheers

Stefan

Nov 13 02:02:22 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:02:22 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 505
Nov 13 02:02:22 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:02:22 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 563
Nov 13 02:02:23 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:02:23 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 466
Nov 13 02:02:23 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:02:23 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 469
Nov 13 02:02:23 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:02:23 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 612
Nov 13 02:02:24 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:02:24 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 413
Nov 13 02:02:25 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:02:25 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 408
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:03:15 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 509
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:03:16 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 2138
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:03:16 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 735
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:03:16 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 2262
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:03:17 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 549
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:03:17 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 2356
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:03:18 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 698
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:03:18 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 673
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:03:18 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 523
...
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:04:39 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 568
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:04:40 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 2354
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:04:40 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 840
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:04:40 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 1941
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:04:41 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 778
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:04:41 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 3106
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:04:42 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 440
Nov 13 02:15:44 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:04:42 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 599
Nov 13 02:15:50 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:15:50 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 646
Nov 13 02:15:51 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:15:51 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 586
Nov 13 02:15:51 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:15:51 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 2248
Nov 13 02:15:51 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:15:51 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 624
Nov 13 02:15:52 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:15:52 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 2562
Nov 13 02:15:52 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:15:52 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 519
Nov 13 02:15:52 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:15:52 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 2411
Nov 13 02:15:53 alq-kronos httpd[32388]: 139.116.14.253 - - [13/Nov/2014:02:15:53 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 403
Nov 13 02:15:53 alq-kronos httpd[32388]: 139.116.14.254 - - [13/Nov/2014:02:15:53 +0100] "GET /bigip.txt HTTP/1.0" 200 10 "-" "-" statisk 2517
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux