Hello Thomas, On Tue, Jul 17, 2012 at 11:59:14AM +0100, Reuben Thomas wrote: > I run webalizer on my other_vhosts_access.log. Everything works fine, > except for country analysis. I believe my GeoIP setup is correct, as > if I simply change the log to be analyzed to access.log, then it works > fine, and I cannot see anything in the log files which should stop it > working. (In any case, I'm using the default apache2 logging > configuration.) > > The one thing I do notice is that whereas a typical entry from the > access.log file looks like this: > > 127.0.0.1 - - [15/Jul/2012:06:51:08 +0100] "OPTIONS * HTTP/1.0" 200 126 "-" > "Apache/2.2.22 (Ubuntu) (internal dummy connection)" > > a typical line from other_vhosts_access.log looks like: > > rrt.sc3d.org:80 95.108.244.253 - - [15/Jul/2012:07:02:33 +0100] "GET > /robots.txt HTTP/1.1" 404 800 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; > +http://yandex.com/bots)" > > i.e. it seems to contain an extra field at the start, giving the > virtual host. Could this be a problem? It obviously isn't preventing > the rest of the logs from being analyzed... > Exactly, there is an extra field. If you look into apache configuration you'll see this: LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
The vhost_combined format used for other_vhosts_access.log has the extra field. Webalized does not parse this field, for some reason it seam to get the other fields right, but that's just luck... So that's more a feature request than a bug to me. Best regards, Julien VdG -- Julien Viard de Galbert <jul...@vdg.blogsite.org> http://silicone.homelinux.org/ <jul...@silicone.homelinux.org> GPG Key ID: D00E52B6 Published on: hkp://keys.gnupg.net Key Fingerprint: E312 A31D BEC3 74CC C49E 6D69 8B30 6538 D00E 52B6
signature.asc
Description: Digital signature