Logging Activity
In a Nutshell - CIW Course Section 3, Part B3, Chapter 3
Logging Overview
We have looked at logging in earlier chapters and, to be honest, this chapter does not go into very much more detail. We are reminded that many services need to have logging explicitly enabled before logging will take place. Logging, and the monitoring of these logs, is important for continually assessing the server's health and the possible misuse or abuse of the systems by users or possible intruders.
HTTP Server Log Files
There are many types of Web server and each will log events in its own way. In an attempt to standardise this logging, many popular servers have adopted the standard of the National Center for Supercomputing Applications (NCSA) Common Log File Format.
Linux logs to text files and the Apache logs are in the /var/log/httpd directory. There are a number of log files including: the error log file, the referrer log file and the agent log file.
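The Common Log File Format mentioned above records one request per line as host, ident, authenticated user, timestamp, request line, status code and bytes sent. As an added example (not part of the course notes), the following Python parses such lines and counts 401/403/404 responses per client, which is the kind of review the overview describes. The sample lines, the threshold of 3 and the function names are constructed for illustration.

```python
import re
from collections import Counter

# NCSA Common Log Format: host ident authuser [date] "request" status bytes
CLF = re.compile(
    r'^(?P<host>\S+) (?P<ident>\S+) (?P<user>\S+) '
    r'\[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)$'
)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE = """\
192.0.2.10 - - [10/Oct/2000:13:55:36 -0700] "GET /index.html HTTP/1.0" 200 2326
192.0.2.10 - alice [10/Oct/2000:13:56:01 -0700] "GET /private/ HTTP/1.0" 200 512
198.51.100.7 - - [10/Oct/2000:13:57:12 -0700] "GET /admin/ HTTP/1.0" 401 -
198.51.100.7 - - [10/Oct/2000:13:57:13 -0700] "GET /admin/ HTTP/1.0" 401 -
198.51.100.7 - - [10/Oct/2000:13:57:15 -0700] "GET /cgi-bin/test HTTP/1.0" 404 -
198.51.100.7 - - [10/Oct/2000:13:57:16 -0700] "GET /admin/ HTTP/1.0" 403 -
this line is damaged and does not match the format
"""

def parse_line(line):
    """Return a dict of CLF fields, or None if the line is malformed."""
    m = CLF.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    # "-" in the bytes field means no body was sent
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])
    return rec

def summarize(text, threshold=3):
    """Count denied/not-found responses per client and flag noisy clients."""
    errors, malformed = Counter(), 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            malformed += 1  # unparseable lines are counted, not silently dropped
        elif rec["status"] in (401, 403, 404):
            errors[rec["host"]] += 1
    flagged = sorted(h for h, n in errors.items() if n >= threshold)
    return {"errors": dict(errors), "flagged": flagged, "malformed": malformed}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A request line that contains an escaped double quote will not match this pattern and is counted as malformed rather than parsed.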
Configuring Extended Logging for IIS
Right-click the default Web Server and select "Properties". This should display the properties dialog, defaulted to the "Web Site" tab.
Ensure the "Enable Logging" checkbox is ticked and click the "Properties" button. Click the "Extended Properties" tab. From here you may select or deselect the information to be included in the logs.
Configuring FTP Log Files in IIS
The FTP logging configuration is managed exactly as above, except that you will right-click the default FTP site to open the properties.
FTP logs are generally less complex than HTTP logs and would typically record the following information:
- Internet Protocol (IP) address of the client connecting to the server
- Client's user name or anonymous e-mail or FTP address
- Date and time of the connection
- IP address of the server
- Commands issued
Configuring Logging in Apache Server
To configure logging in Apache you need to be logged in as root. To check that your Apache server is running, type /etc/rc.d/init.d/httpd status and press Enter. In the example given in the course notes we are going to set user agent logging from the CustomLog.
Change directory to the log file directory by entering cd /var/log/httpd. Enter kwrite httpd.conf to edit the file. Scroll down until you find the line "#CustomLog /var/log/httpd/agent log agent". Delete the comment symbol ("#") at the start of the line and save the file.
To activate this change, enter /etc/rc.d/init.d/httpd restart.
Viewing FTP Log Files in Linux
From the /var/log directory enter the command ls to list all files. The messages and xferlog files pertain to the FTP server. To generate a list of FTP messages from the messages file you would enter the command "grep ftp messages | less".
The xferlog file contains a list of files that have been transferred by the FTP server and can be viewed with the command "less xferlog".

