On Wed, 2008-07-30 at 20:50 -0400, Grant Peel wrote:
> Is there any better logging knobs I can turn to try and track down an
> offending script?
Possibly, but you'd be better off running something over your access
logs in order to see what you can see.
Assuming a standard, as-supplied "combined" log format of:
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
Then something like this should help you find the script that's a
problem:
awk '{ print $6 " " $7 " " $8 }' < /var/log/httpd/access_log.1 | sort |
uniq -c | sort -n
That'll throw a list of requests at you - you should be able to look
through that to find the script name. If you extend it a bit (for
example you have the vhost logged at position 1) then you could add $1
as the first awk element and sort on that, too.
If all your logs are separated into directories per vhost, you'll have
to iterate over them all.
Graeme
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|