Advances, Systems and Applications
From: A Neuro-fuzzy approach for user behaviour classification and prediction
# | Log type | Log Format | Example Log | Extracted Information |
---|---|---|---|---|
1 | Web Server Logs | • W3C Extended Log File Format • Microsoft IIS Log Format • NCSA Common Log File Format • ODBC Logging | `#Fields: time c-ip cs-method cs-uri-stem sc-status cs-version` `18:22:15 173.18.255.255 GET /default.htm 200 HTTP/1.0` | • On May 8, 1999 at 6:22 P.M. UTC • A user with HTTP version 1.0 and the IP address of 173.18.255.255 issued an HTTP GET command for the file Default.htm • The request was returned without error. |
2 | Microsoft IIS Log Format | • The user's IP address • User name • Request date and time • HTTP status code • The number of bytes received. Also: • The elapsed time of the request • The number of bytes sent • The action (for example, a download carried out by a GET command) and the target file. • The items are separated by commas • The time is recorded as local time. | `192.168.114.201,-,03/20/98,7:55:20,W3SVC2,SALES1,192.168.114.201,4502,163,3223,200,0,GET,DeptLogo.gif` `172.16.255.255,anonymous,03/20/98,23:58:11,MSFTPSVC,SALES1,192.168.114.201,60,275,0,0,0,PASS,intro.htm` | • An anonymous user with the IP address of 192.168.114.201 issued an HTTP GET command for the image file DeptLogo.gif at 7:55 A.M. on March 20, 1998 from a server named SALES1 at IP address 172.21.13.45. • The 163-byte HTTP request had an elapsed processing time of 4502 milliseconds (4.5 s) to complete, and returned, without error, 3223 bytes of data to the anonymous user. |
3 | NCSA Common Log File Format | • Remote host name • User name • Date • Time • Request type • HTTP status code • Number of bytes received by the server. | `172.21.13.45 - REDMOND\fred [08/Apr/1997:17:39:04 -0800] "GET /scripts/iisadmin/ism.dll?http/serv HTTP/1.0" 200 3401` | A user named Fred in the REDMOND domain, with the IP address of 173.21.13.45, issued an HTTP GET command (that is, downloaded a file) at 5:39 P.M. on April 8, 1998. The request returned, without error, 3401 bytes of data to the user named Fred. |
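
The field extraction the table describes for rows 2 and 3 can be written as a small parser. This is an added example, not code from the paper: the dictionary key names are assumptions, and the sample lines are the table's example records retyped with plain ASCII hyphens and quotes and with the NCSA status and byte count written as `200 3401`.

```python
import re
from datetime import datetime

# Field order of the comma-separated Microsoft IIS log format, as read off the
# table's example record. The key names are chosen for this example.
IIS_FIELDS = ("client_ip", "user", "date", "time", "service", "server_name",
              "server_ip", "elapsed_ms", "bytes_received", "bytes_sent",
              "status", "win32_status", "method", "target")
IIS_INT_FIELDS = ("elapsed_ms", "bytes_received", "bytes_sent", "status", "win32_status")

# NCSA Common: host ident user [timestamp] "request line" status bytes
NCSA_RE = re.compile(
    r'(?P<host>\S+) (?P<ident>\S+) (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<version>[^"]+)" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-)$')

def parse_iis(line):
    """Parse one IIS-format record; ValueError on a short or non-numeric line."""
    parts = [p.strip() for p in line.strip().rstrip(",").split(",")]
    if len(parts) < len(IIS_FIELDS):
        raise ValueError(f"expected {len(IIS_FIELDS)} fields, got {len(parts)}")
    rec = dict(zip(IIS_FIELDS, parts))
    for key in IIS_INT_FIELDS:
        rec[key] = int(rec[key])
    rec["user"] = None if rec["user"] == "-" else rec["user"]  # "-" means anonymous
    # The IIS format records local time with a two-digit year and no UTC offset.
    rec["timestamp"] = datetime.strptime(f'{rec["date"]} {rec["time"]}', "%m/%d/%y %H:%M:%S")
    return rec

def parse_ncsa(line):
    """Parse one NCSA Common Log record; ValueError if the line does not match."""
    m = NCSA_RE.match(line.strip())
    if m is None:
        raise ValueError("not an NCSA common log line")
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])
    rec["user"] = None if rec["user"] == "-" else rec["user"]
    # Unlike the IIS format, the NCSA timestamp carries its UTC offset.
    rec["timestamp"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec

# Sample records retyped from the table (ASCII hyphens and quotes).
IIS_SAMPLE = ("192.168.114.201,-,03/20/98,7:55:20,W3SVC2,SALES1,"
              "192.168.114.201,4502,163,3223,200,0,GET,DeptLogo.gif")
NCSA_SAMPLE = (r'172.21.13.45 - REDMOND\fred [08/Apr/1997:17:39:04 -0800] '
               r'"GET /scripts/iisadmin/ism.dll?http/serv HTTP/1.0" 200 3401')
```

Every field except the server-side timestamp is client-influenced, so downstream classifiers should treat `user` and `target` as untrusted strings.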