Apache Web Server: Log Analysis and Server Status Monitoring Tool

in Categories Apache, Download of the day, lighttpd, Linux, Monitoring, Networking, python, RedHat/Fedora Linux, UNIX last updated June 17, 2008

wtop is really cool application for web server log analysis and to see server stats at a glance. It also has powerful log grepping capability. It is just like ‘top’ for your webserver.

It can find out number of searches or signups per seconds. It can also create histogram of response time. There is also another tool called logrep a powerful command-line program for ad-hoc analysis and filtering for log files. You can dig up lots of information using wtop tools.

You need Python version 2.5 to run wtop.

Download wtop

Type the following command:
$ cd /tmp
$ wget http://wtop.googlecode.com/files/wtop-0.5.6.tar.gz
$ tar -zxvf wtop-0.5.6.tar.gz
$ cd wtop-0.5.6
# python setup.py install

Configuring wtop

Once installed you can start using the tool immediately. You need to edit /etc/wtop.cfg file to setup parameters, Apache log files and other directives
# vi /etc/wtop.cfg
Sample configuration file:

[main]
LOG_ROOT=/var/log/lighttpd/cyberciti.biz/
LOG_FILE=access.log
DEFAULT_OUTPUT_FIELDS=ts,class,ipcnt,ip,msec,uas,url

# This must match your webserver log format. You MUST have at least %h, %r and %D
LOG_FORMAT=%h %l %u %t "%r" %>s %B "%{Referer}i" "%{User-Agent}i" %D

[wtop]
# max time before a request is logged in the "slow" column
MAX_REQUEST_TIME=5000
# minimum requests/second before a URL class appears in top mode
MIN_RPS=0.2

[classes]
# you can extend these to make any classes you wish
home=^/(?:\?.*)?$
xml=\.xml(?:\?.*)?$
js=\.js(?:\?.*)?$
css=\.css(?:\?.*)?$
img=\.(?:png|gif|jpe?g|cur|ico|bmp)(?:\?.*)?$

[patterns]
# the generic pattern is applied if a line does not match any
# of the named classes. By default it uses the top-level directory.
generic=^/([^/\?]+)

# incomplete list of known web robots
robots = r'(?:nutch|MSRBOT|translate.google.com|Feedster|Nutch|Gaisbot|Snapbot|VisBot|libwww|CazoodleBot|polybot|VadixBot|Sogou|SBider|BecomeBot|Yandex|Pagebull|chudo|Pockey|nicebot|entireweb|FeedwhipBOT|ConveraCrawler|NG/2.0|WebImages|Factbot|information-online|gsa-crawler|Jyxobot|SentinelCrawler|BlogPulseLive|YahooFeedSeeker|GurujiBot|wwwster|Y\!J-SRD|Findexa|SurveyBot|yetibot|discoveryengine|fastsearch|noxtrum|Googlebot|Snapbot|OGSearchSpider|heritrix|nutch-agent|Slurp|msnbot|cuill|Mediapartners|YahooSeeker|GrabPERF|keywen|ia_archiver|crawler.archive.org|Baiduspider|larbin|shopwiki)'

Now simply type wtop at a shell prompt:
$ wtop$
See all human traffic, enter:
$ logrep -m top -h access.log
See response times for all MSNBot homepage hits:
$ logrep -m grep -g MSNBot -i home -o status,msec,url access.log
Display the current log for traffic to pages about wordpress or themes sent from google.com
$ logrep -m tail --f 'url~wordpress|themes,ref~google.com' access.log

Further readings:

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Share this on (or read 2 comments/add one below):

2 comment

  1. I’ve decided to write a tool for monitoring apache log files remotely via a browser using AJAX. I’ve called it Apache Live Log (ALiveLog). It shows recent visits to a website by grouping hits from the same IP. Hit origin (country and city) is determined using Geo::IP perl module. You can monitor multiple websites hosted on the same server through a single ALiveLog installation.
    Here is the link: http://www.burlaca.com/2009/02/alivelog/

  2. getting following error

    Traceback (most recent call last):
    File “/usr/bin/logrep”, line 78, in ?
    from logrep import *
    File “/wtop/wtop-0.5.6/logrep.py”, line 370
    return [(key,op,castfns[key](value)) if op != ‘~’ else (key,op,re.compile(value)) for key,op,value in conditions]
    ^
    SyntaxError: invalid syntax

    Have a question? Post it on our forum!