Table 1 Web data sources

From: A Neuro-fuzzy approach for user behaviour classification and prediction


Columns: Log type | Log Format | Example Log | Extracted Information


Log type: Web Server Logs

Log Format:
• W3C Extended Log File Format
• Microsoft IIS Log Format
• NCSA Common Log File Format
• ODBC Logging

Example Log:
#Fields: time c-ip cs-method cs-uri-stem sc-status cs-version
18:22:15 173.18.255.255 GET /default.htm 200 HTTP/1.0

Extracted Information:
• On May 8, 1999 at 6:22 P.M. UTC
• A user with HTTP version 1.0 and the IP address of issued an HTTP GET command for the file Default.htm
• The request was returned without error.


Log type: Microsoft IIS Log Format

Log Format:
• The user’s IP address
• User name
• Request date and time
• HTTP status code
• The number of bytes received.
• The elapsed time of the request
• The number of bytes sent
• The action (for example, a download carried out by a GET command) and the target file.
• The items are separated by commas
• The time is recorded as local time.

Example Log:
,-,03/20/98,7:55:20,W3SVC2, SALES1,, 4502,163,3223,200,0,GET,DeptLogo.gif,anonymous, 03/20/98,23:58:11, MSFTPSVC,SALES1,, 60,275,0,0,0, PASS,intro.htm

Extracted Information:
• An anonymous user with the IP address of issued an HTTP GET command for the image file DeptLogo.gif at 7:55 A.M. on March 20, 1998 from a server named SALES1 at IP address
• The 163-byte HTTP request had an elapsed processing time of 4502 milliseconds (4.5 s) to complete, and returned, without error, 3223 bytes of data to the anonymous user.


Log type: NCSA Common Log File Format

Log Format:
• Remote host name
• User name
• Date
• Time
• Request type
• HTTP status code
• Number of bytes received by the server.

Example Log:
- REDMOND\fred [08/Apr/1997:17:39:04 -0800] "GET /scripts/iisadmin/ism.dll?http/serv HTTP/1.0" 200 3401

Extracted Information:
• A user named Fred in the REDMOND domain, with the IP address of, issued an HTTP GET command (that is, downloaded a file) at 5:39 P.M. on April 8, 1998. The request returned, without error, 3401 bytes of data to the user named Fred.
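
The NCSA Common and W3C Extended entries of Table 1, parsed into the fields the table lists. This is an added example, not code from the paper; the function names are hypothetical, and the sample lines and the client address 192.0.2.10 are constructed, because the addresses in the table's examples are missing.

```python
import re
from datetime import datetime

# NCSA Common Log Format: host ident authuser [date] "request" status bytes
NCSA_RE = re.compile(
    r'(?P<host>\S+) (?P<ident>\S+) (?P<user>\S+) '
    r'\[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-)$'
)

def parse_ncsa(line):
    """Return the fields of one NCSA line, or None if the line is malformed."""
    m = NCSA_RE.match(line.strip())
    if m is None:
        return None  # caller can count rejects instead of losing them silently
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    parts = rec.pop("request").split()
    rec["method"], rec["uri"] = (parts + ["", ""])[:2]
    rec["status"] = int(rec["status"])
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])
    return rec

def parse_w3c(lines):
    """Parse W3C Extended lines; the #Fields directive names the columns."""
    fields, records = [], []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or padded rows
                records.append(dict(zip(fields, values)))
    return records

# Constructed sample input (192.0.2.10 is a documentation-range address).
NCSA_SAMPLE = (r'192.0.2.10 - REDMOND\fred [08/Apr/1997:17:39:04 -0800] '
               r'"GET /scripts/iisadmin/ism.dll?http/serv HTTP/1.0" 200 3401')
W3C_SAMPLE = [
    "#Version: 1.0",
    "#Fields: time c-ip cs-method cs-uri-stem sc-status cs-version",
    "18:22:15 192.0.2.10 GET /default.htm 200 HTTP/1.0",
    "18:22:16 192.0.2.10 GET",  # truncated row, dropped by the length check
]

if __name__ == "__main__":
    print(parse_ncsa(NCSA_SAMPLE))
    print(parse_w3c(W3C_SAMPLE))
```

The NCSA timestamp carries its own UTC offset, while the W3C example gives only a time of day, so records from the two formats need a date and time-zone source before they can be ordered on one timeline.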