Archives
/
lnav
mirror of https://github.com/tstack/lnav
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[formats] add w3c extended log format impl

Browse Source 
Fiexes #798
pull/812/head
Timothy Stack 3 years ago
parent 8494aefd50
commit 32f112b8de
66 changed files with 1534 additions and 153 deletions
Show Stats Download Patch File Download Diff File

7
NEWS
Unescape Escape View File

@ -8,6 +8,11 @@ lnav v0.9.1:
following command to open the command prompt with ":filter-in " already
filled in:
:prompt command : 'filter-in '
* Added support for the W3C Extended Log File Format. Note: Since the
columns in a W3C log are specified in the file, the name of the format
and SQLite table will include a hash ID over of the column names
(e.g. w3c_7685df_log).
* Added support for the S3 Access File Format.
* To jump to the first search hit above the top line in a view, you can
press CTRL+J instead of ENTER in the search prompt. Pressing ENTER
will jump to the first hit below the current window.
@ -23,6 +28,8 @@ lnav v0.9.1:
Interface Changes:
* When copying log lines, the file name and time offset will be included
in the copy if they are enabled.
* Log messages that cannot be parsed properly will be given an "invalid"
log level and the invalid portions colored yellow.
Fixes:
* Unicode text can now be entered in prompts.

18
docs/source/formats.rst
Unescape Escape View File

@ -20,11 +20,19 @@ The following log formats are built into **lnav**:
:widths: 8 5 20
:file: format-table.csv
The
`Bro Network Security Monitor <https://www.bro.org/sphinx/script-reference/log-files.html>`_
TSV log format is also supported in versions
v0.8.3+. The Bro log format is self-describing, so **lnav** will read the
header to determine the shape of the file.
In addition to the above formats, the following self-describing formats are
supported:
* The
`Bro Network Security Monitor <https://www.bro.org/sphinx/script-reference/log-files.html>`_
TSV log format is supported in lnav versions v0.8.3+. The Bro log format is
self-describing, so **lnav** will read the header to determine the shape of
the file.
* The
`W3C Extend Log File Format <https://www.w3.org/TR/WD-logfile.html>`_
is supported in lnav versions v0.9.1+. The W3C log format is
self-describing, so **lnav** will read the header to determine the shape of
the file.
Defining a New Format

1
src/CMakeLists.txt
Unescape Escape View File

@ -141,6 +141,7 @@ set(FORMAT_FILES
formats/strace_log.json
formats/sudo_log.json
formats/syslog_log.json
formats/s3_log.json
formats/tcf_log.json
formats/tcsh_history.json
formats/uwsgi_log.json

1
src/Makefile.am
Unescape Escape View File

@ -47,6 +47,7 @@ FORMAT_FILES = \
$(srcdir)/formats/strace_log.json \
$(srcdir)/formats/sudo_log.json \
$(srcdir)/formats/syslog_log.json \
$(srcdir)/formats/s3_log.json \
$(srcdir)/formats/tcf_log.json \
$(srcdir)/formats/tcsh_history.json \
$(srcdir)/formats/uwsgi_log.json \

2
src/all_logs_vtab.cc
Unescape Escape View File

@ -90,7 +90,7 @@ bool all_logs_vtab::is_valid(log_cursor &lc, logfile_sub_source &lss)
auto lf = lss.find(cl);
auto lf_iter = lf->begin() + cl;
if (lf_iter->is_continued()) {
if (!lf_iter->is_message()) {
return false;
}

44
src/base/intern_string.hh
Unescape Escape View File

@ -155,6 +155,39 @@ struct string_fragment {
this->sf_end = -1;
};
void trim(const char *tokens) {
while (this->sf_begin < this->sf_end) {
bool found = false;
for (int lpc = 0; tokens[lpc] != '\0'; lpc++) {
if (this->sf_string[this->sf_begin] == tokens[lpc]) {
found = true;
break;
}
}
if (!found) {
break;
}
this->sf_begin += 1;
}
while (this->sf_begin < this->sf_end) {
bool found = false;
for (int lpc = 0; tokens[lpc] != '\0'; lpc++) {
if (this->sf_string[this->sf_end - 1] == tokens[lpc]) {
found = true;
break;
}
}
if (!found) {
break;
}
this->sf_end -= 1;
}
}
const char *sf_string;
int sf_begin;
int sf_end;
@ -190,6 +223,10 @@ public:
return std::string(this->is_str, this->is_len);
}
string_fragment to_string_fragment() const {
return string_fragment{this->is_str, 0, (int) this->is_len};
}
bool startswith(const char *prefix) const {
const char *curr = this->is_str;
@ -267,6 +304,13 @@ public:
return this->ist_interned_string->to_string();
}
string_fragment to_string_fragment() const {
if (this->ist_interned_string == nullptr) {
return string_fragment{"", 0, 0};
}
return this->ist_interned_string->to_string_fragment();
}
bool operator<(const intern_string_t &rhs) const {
return strcmp(this->get(), rhs.get()) < 0;
}

17
src/base/string_util.cc
Unescape Escape View File

@ -93,6 +93,23 @@ size_t unquote(char *dst, const char *str, size_t len)
return index;
}
size_t unquote_w3c(char *dst, const char *str, size_t len)
{
size_t index = 0;
require(str[0] == '\'' || str[0] == '"');
for (size_t lpc = 1; lpc < (len - 1); lpc++, index++) {
dst[index] = str[lpc];
if (str[lpc] == '"') {
lpc += 1;
}
}
dst[index] = '\0';
return index;
}
void truncate_to(std::string &str, size_t len)
{
static const std::string ELLIPSIS = "\xE2\x8B\xAF";

2
src/base/string_util.hh
Unescape Escape View File

@ -44,6 +44,8 @@ inline bool is_line_ending(char ch) {
size_t unquote(char *dst, const char *str, size_t len);
size_t unquote_w3c(char *dst, const char *str, size_t len);
inline bool startswith(const char *str, const char *prefix)
{
return strncmp(str, prefix, strlen(prefix)) == 0;

30
src/field_overlay_source.cc
Unescape Escape View File

@ -215,7 +215,8 @@ void field_overlay_source::build_field_lines(const listview_curses &lv)
auto format = file->get_format();
bool display = false;
if (ll->is_time_skewed()) {
if (ll->is_time_skewed() ||
ll->get_msg_level() == log_level_t::LEVEL_INVALID) {
display = true;
}
if (this->fos_active) {
@ -232,6 +233,25 @@ void field_overlay_source::build_field_lines(const listview_curses &lv)
return;
}
if (ll->get_msg_level() == LEVEL_INVALID) {
for (const auto& sattr : this->fos_log_helper.ldh_line_attrs) {
if (sattr.sa_type != &SA_INVALID) {
continue;
}
auto emsg = fmt::format(" Invalid log message: {}",
(const char *) sattr.sa_value.sav_ptr);
auto al = attr_line_t(emsg)
.with_attr(string_attr(line_range{1, 2},
&view_curses::VC_GRAPHIC,
ACS_LLCORNER))
.with_attr(string_attr(line_range{0, 22},
&view_curses::VC_ROLE,
view_colors::VCR_INVALID_MSG));
this->fos_lines.emplace_back(al);
}
}
char old_timestamp[64], curr_timestamp[64], orig_timestamp[64];
struct timeval curr_tv, offset_tv, orig_tv, diff_tv = { 0 };
attr_line_t time_line;
@ -251,8 +271,8 @@ void field_overlay_source::build_field_lines(const listview_curses &lv)
time_str.append(" Out-Of-Time-Order Message");
time_lr.lr_start = 3;
time_lr.lr_end = time_str.length();
time_line.with_attr(string_attr(time_lr, &view_curses::VC_STYLE,
vc.attrs_for_role(view_colors::VCR_SKEWED_TIME)));
time_line.with_attr(string_attr(time_lr, &view_curses::VC_ROLE,
view_colors::VCR_SKEWED_TIME));
time_str.append(" --");
}
@ -294,8 +314,8 @@ void field_overlay_source::build_field_lines(const listview_curses &lv)
time_lr.lr_end = time_str.length();
time_line.with_attr(string_attr(
time_lr,
&view_curses::VC_STYLE,
vc.attrs_for_role(view_colors::VCR_SKEWED_TIME)));
&view_curses::VC_ROLE,
view_colors::VCR_SKEWED_TIME));
timersub(&curr_tv, &actual_tv, &diff_tv);
time_str.append("; Diff: ");

15
src/file_collection.cc
Unescape Escape View File

@ -186,6 +186,19 @@ file_collection::watch_logfile(const std::string &filename,
return make_ready_future(retval);
}
auto stat_iter = find_if(this->fc_new_stats.begin(),
this->fc_new_stats.end(),
[&st](auto& elem) {
return st.st_ino == elem.st_ino &&
st.st_dev == elem.st_dev;
});
if (stat_iter != this->fc_new_stats.end()) {
// this file is probably a link that we have already scanned in this
// pass.
return make_ready_future(retval);
}
this->fc_new_stats.emplace_back(st);
auto file_iter = find_if(this->fc_files.begin(),
this->fc_files.end(),
same_file(st));
@ -406,5 +419,7 @@ file_collection file_collection::rescan_files(bool required)
fq.pop_to();
this->fc_new_stats.clear();
return retval;
}

2
src/file_collection.hh
Unescape Escape View File

@ -63,6 +63,7 @@ struct file_collection {
std::set<std::string> fc_closed_files;
std::map<std::string, file_format_t> fc_other_files;
std::shared_ptr<safe_scan_progress> fc_progress;
std::vector<struct stat> fc_new_stats;
size_t fc_largest_path_length{0};
file_collection()
@ -76,6 +77,7 @@ struct file_collection {
this->fc_files.clear();
this->fc_closed_files.clear();
this->fc_other_files.clear();
this->fc_new_stats.clear();
}
file_collection rescan_files(bool required = false);

4
src/filter_sub_source.hh
Unescape Escape View File

@ -67,8 +67,8 @@ public:
void rl_display_next(readline_curses *rc);
readline_context fss_regex_context{"regex", nullptr, false};
readline_context fss_sql_context{"sql", nullptr, false};
readline_context fss_regex_context{"filter-regex", nullptr, false};
readline_context fss_sql_context{"filter-sql", nullptr, false};
readline_curses fss_editor;
plain_text_source fss_match_source;
textview_curses fss_match_view;

11
src/formats/access_log.json
Unescape Escape View File

@ -15,6 +15,9 @@
"std": {
"pattern": "^(?<c_ip>[\\w\\.:\\-]+)\\s+[\\w\\.\\-]+\\s+(?<cs_username>\\S+)\\s+\\[(?<timestamp>[^\\]]+)\\] \"(?:\\-|(?<cs_method>\\w+) (?<cs_uri_stem>[^ \\?]+)(?:\\?(?<cs_uri_query>[^ ]*))? (?<cs_version>[\\w/\\.]+))\" (?<sc_status>\\d+) (?<sc_bytes>\\d+|-)(?: \"(?<cs_referer>[^\"]+)\" \"(?<cs_user_agent>[^\"]+)\")?\\s*(?<body>.*)"
},
"std-vhost": {
"pattern": "^(?<cs_host>[\\w\\-\\.]*)(?::\\d+)?\\s+(?<c_ip>[\\w\\.:\\-]+)\\s+[\\w\\.\\-]+\\s+(?<cs_username>\\S+)\\s+\\[(?<timestamp>[^\\]]+)\\] \"(?:\\-|(?<cs_method>\\w+) (?<cs_uri_stem>[^ \\?]+)(?:\\?(?<cs_uri_query>[^ ]*))? (?<cs_version>[\\w/\\.]+))\" (?<sc_status>\\d+) (?<sc_bytes>\\d+|-)(?: \"(?<cs_referer>[^\"]+)\" \"(?<cs_user_agent>[^\"]+)\")?\\s*(?<body>.*)"
},
"mod-std": {
"module-format": true,
"pattern": "^(?<c_ip>[\\w\\.:\\-]+)\\s+[\\w\\.\\-]+\\s+(?<cs_username>\\S+)\\s+\"(?:\\-|(?<cs_method>\\w+) (?<cs_uri_stem>[^ \\?]+)(?:\\?(?<cs_uri_query>[^ ]*))? (?<cs_version>[\\w/\\.]+))\" (?<sc_status>\\d+) (?<sc_bytes>\\d+|-)(?: \"(?<cs_referer>[^\"]+)\" \"(?<cs_user_agent>[^\"]+)\")?\\s*(?<body>.*)"
@ -26,6 +29,11 @@
},
"opid-field": "c_ip",
"value": {
"cs_host": {
"kind": "string",
"identifier": true,
"description": "The value of the Host header"
},
"c_ip": {
"kind": "string",
"collate": "ipaddress",
@ -88,6 +96,9 @@
},
{
"line": "10.1.10.51 - - [23/Dec/2014:21:20:35 +0000] \"POST /api/1/rest/foo/bar HTTP/1.1\" 200 - \"-\" \"-\" 293"
},
{
"line": "www.example.com 1.2.3.4 - theuser [10/Feb/2012:16:41:07 -0500] \"GET / HTTP/1.0\" 200 368 \"-\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11\""
}
]
}

158
src/formats/s3_log.json
Unescape Escape View File

@ -0,0 +1,158 @@
{
"$schema": "https://lnav.org/schemas/format-v1.schema.json",
"s3_log": {
"title": "S3 Access Log",
"description": "S3 server access log format",
"url": "https://docs.aws.amazon.com/AmazonS3/latest/dev/LogFormat.html",
"multiline": false,
"regex": {
"std": {
"pattern": "^(?<owner>\\S+)\\s+(?<bucket>\\S+)\\s+\\[(?<timestamp>[^\\]]+)\\]\\s+(?<c_ip>[\\w*.:-]+)\\s+(?<cs_userid>\\S+)\\s+(?<req_id>\\S+)\\s+(?<op>\\S+)\\s+(?<cs_key>\\S+)\\s+\"(?<cs_method>\\S+)\\s+(?<cs_uri_stem>[^ \\?]+)(?:\\?(?<cs_uri_query>[^ ]*))?\\s+(?<cs_version>\\S+)\"\\s+(?<sc_status>\\d+|-)\\s+(?<sc_error_code>\\S+)\\s+(?<sc_bytes>\\d+|-)\\s+(?<obj_size>\\d+|-)\\s+(?<total_time>\\d+|-)\\s+(?<turn_around_time>\\d+|-)\\s+\"(?<cs_referer>.*?)\"\\s+\"(?<cs_user_agent>.*?)\"$"
},
"std-v2": {
"pattern": "^(?<owner>\\S+)\\s+(?<bucket>\\S+)\\s+\\[(?<timestamp>[^\\]]+)\\]\\s+(?<c_ip>[\\w*.:-]+)\\s+(?<cs_userid>\\S+)\\s+(?<req_id>\\S+)\\s+(?<op>\\S+)\\s+(?<cs_key>\\S+)\\s+\"(?<cs_method>\\S+)\\s+(?<cs_uri_stem>[^ \\?]+)(?:\\?(?<cs_uri_query>[^ ]*))?\\s+(?<cs_version>\\S+)\"\\s+(?<sc_status>\\d+|-)\\s+(?<sc_error_code>\\S+)\\s+(?<sc_bytes>\\d+|-)\\s+(?<obj_size>\\d+|-)\\s+(?<total_time>\\d+|-)\\s+(?<turn_around_time>\\d+|-)\\s+\"(?<cs_referer>.*?)\"\\s+\"(?<cs_user_agent>.*?)\"\\s+(?<version_id>\\S+)\\s+(?<host_id>\\S+)\\s+(?<sig_version>\\S+)\\s+(?<cipher_suite>\\S+)\\s+(?<auth_type>\\S+)\\s+(?<cs_host>\\S+)\\s+(?<tls_version>\\S+)$"
}
},
"level-field": "sc_status",
"level": {
"error": "^[^123].*"
},
"opid-field": "c_ip",
"value": {
"owner": {
"kind": "string",
"identifier": true,
"description": "The bucket owner"
},
"bucket": {
"kind": "string",
"identifier": true,
"description": "The bucket"
},
"c_ip": {
"kind": "string",
"collate": "ipaddress",
"identifier": true,
"description": "The client IP address"
},
"cs_userid": {
"kind": "string",
"identifier": true,
"description": "The user ID passed from the client to the server"
},
"req_id": {
"kind": "string",
"description": "The request ID"
},
"op": {
"kind": "string",
"identifier": true,
"description": "The operation"
},
"cs_key": {
"kind": "string",
"identifier": true,
"description": "The key for the bucket"
},
"cs_method": {
"kind": "string",
"identifier": true,
"description": "The request method"
},
"cs_uri_stem": {
"kind": "string",
"identifier": true,
"description": "The path part of the request URI"
},
"cs_uri_query": {
"kind": "string",
"description": "The query parameters in the request URI"
},
"cs_version": {
"kind": "string",
"identifier": true,
"description": "The client's HTTP version"
},
"sc_status": {
"kind": "integer",
"foreign-key": true,
"rewriter": ";SELECT :sc_status || ' (' || (SELECT message FROM http_status_codes WHERE status = :sc_status) || ') '",
"description": "The status code returned by the server"
},
"sc_error_code": {
"kind": "string",
"identifier": true,
"description": "The Amazon S3 error code"
},
"sc_bytes": {
"kind": "integer",
"description": "The number of bytes returned by the server"
},
"obj_size": {
"kind": "integer",
"description": "The size of the object"
},
"total_time": {
"kind": "integer",
"description": "The total time taken to satisfy the request"
},
"turn_around_time": {
"kind": "integer",
"description": "The turn around time"
},
"cs_referer": {
"kind": "string",
"identifier": true,
"description": "The client's referrer"
},
"cs_user_agent": {
"kind": "string",
"identifier": true,
"description": "The client's HTTP agent"
},
"version_id": {
"kind": "string",
"identifier": true,
"description": "The version ID"
},
"host_id": {
"kind": "string",
"identifier": true,
"description": "The host ID"
},
"sig_version": {
"kind": "string",
"identifier": true,
"description": "The signature version"
},
"cipher_suite": {
"kind": "string",
"identifier": true,
"description": "The SSL layer negotiated cipher suite"
},
"auth_type": {
"kind": "string",
"identifier": true,
"description": "The type of request authentication used"
},
"cs_host": {
"kind": "string",
"identifier": true,
"description": "The endpoint used to connect to S3"
},
"tls_version": {
"kind": "string",
"identifier": true,
"description": "The TLS version negotiated by the client"
}
},
"sample": [
{
"line": "b659b576cff1e15e4c0313ff8930fba9f53e6794567f5c60dab3abf2f8dfb6cc www.example.com [10/Feb/2012:16:42:07 -0500] 1.2.3.4 arn:aws:iam::179580289999:user/phillip.boss EB3502676500C6BE WEBSITE.GET.OBJECT index \"GET /index HTTP/1.1\" 200 - 368 368 10 9 \"-\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11\""
},
{
"line": "79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be awsexamplebucket1 [06/Feb/2019:00:00:38 +0000] 192.0.2.3 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be 3E57427F3EXAMPLE REST.GET.VERSIONING - \"GET /awsexamplebucket1?versioning HTTP/1.1\" 200 - 113 - 7 - \"-\" \"S3Console/0.4\" - s9lzHYrFp76ZVxRcpX9+5cjAnEH2ROuNkd2BHfIa6UkFVdtjf5mKR3/eTPFvsiP/XV/VLi31234= SigV2 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader awsexamplebucket1.s3.us-west-1.amazonaws.com TLSV1.1"
}
]
}
}

2
src/formats/syslog_log.json
Unescape Escape View File

@ -18,7 +18,7 @@
"warning": "(?:(?:(?i)warn)|not responding|init: cannot execute)"
},
"opid-field": "log_pid",
"multiline": false,
"multiline": true,
"module-field": "log_procname",
"value": {
"log_pri": {

8
src/hotkeys.cc
Unescape Escape View File

@ -61,7 +61,7 @@ public:
content_line_t cl = this->lh_sub_source.at(this->lh_current_line);
std::shared_ptr<logfile> lf = this->lh_sub_source.find(cl);
auto ll = lf->begin() + cl;
while (ll->is_continued()) {
while (!ll->is_message()) {
--ll;
--this->lh_current_line;
}
@ -503,7 +503,7 @@ bool handle_paging_key(int ch)
}
lss->set_time_offset(true);
while (next_top < tc->get_inner_height()) {
if (lss->find_line(lss->at(next_top))->is_continued()) {
if (!lss->find_line(lss->at(next_top))->is_message()) {
}
else if (lss->get_line_accel_direction(next_top) ==
log_accel::A_DECEL) {
@ -527,7 +527,7 @@ bool handle_paging_key(int ch)
}
lss->set_time_offset(true);
while (0 <= next_top && next_top < tc->get_inner_height()) {
if (lss->find_line(lss->at(next_top))->is_continued()) {
if (!lss->find_line(lss->at(next_top))->is_message()) {
}
else if (lss->get_line_accel_direction(next_top) ==
log_accel::A_DECEL) {
@ -645,7 +645,7 @@ bool handle_paging_key(int ch)
}
}
logline &next_line = next_helper.current_line();
if (next_line.is_continued()) {
if (!next_line.is_message()) {
continue;
}
if (next_line.get_opid() != opid_hash) {

9
src/internals/config-v1.schema.json
Unescape Escape View File

@ -108,7 +108,7 @@
"$ref": "#/definitions/style"
},
"skewed-time": {
"description": "Styling for timestamps ",
"description": "Styling for timestamps that are different from the received time",
"title": "/ui/theme-defs/<theme_name>/styles/skewed-time",
"$ref": "#/definitions/style"
},
@ -117,6 +117,11 @@
"title": "/ui/theme-defs/<theme_name>/styles/offset-time",
"$ref": "#/definitions/style"
},
"invalid-msg": {
"description": "Styling for invalid log messages",
"title": "/ui/theme-defs/<theme_name>/styles/invalid-msg",
"$ref": "#/definitions/style"
},
"popup": {
"description": "Styling for popup windows",
"title": "/ui/theme-defs/<theme_name>/styles/popup",
@ -266,7 +271,7 @@
"title": "/ui/theme-defs/<theme_name>/log-level-styles",
"type": "object",
"patternProperties": {
"(trace|debug5|debug4|debug3|debug2|debug|info|stats|notice|warning|error|critical|fatal)": {
"(trace|debug5|debug4|debug3|debug2|debug|info|stats|notice|warning|error|critical|fatal|invalid)": {
"title": "/ui/theme-defs/<theme_name>/log-level-styles/<level>",
"$ref": "#/definitions/style"
}

6
src/lnav.cc
Unescape Escape View File

@ -1339,7 +1339,7 @@ static void looper()
setup_highlights(lnav_data.ld_views[LNV_PRETTY].get_highlights());
setup_highlights(lnav_data.ld_preview_view.get_highlights());
for (auto format : log_format::get_root_formats()) {
for (const auto& format : log_format::get_root_formats()) {
for (auto &hl : format->lf_highlighters) {
if (hl.h_fg.empty()) {
hl.with_attrs(hl.h_attrs | vc.attrs_for_ident(hl.h_pattern));
@ -1483,8 +1483,8 @@ static void looper()
timer.start_fade(index_counter, 1);
log_debug("rescan started");
file_collection active_copy;
log_debug("rescan started %p", &active_copy);
active_copy.merge(lnav_data.ld_active_files);
active_copy.fc_progress = lnav_data.ld_active_files.fc_progress;
future<file_collection> rescan_future =
@ -2476,7 +2476,7 @@ int main(int argc, char *argv[])
continue;
}
for (auto line_iter = lf->begin(); line_iter != lf->end(); ++line_iter) {
if (!line_iter->is_continued()) {
if (line_iter->get_msg_level() != log_level_t::LEVEL_INVALID) {
continue;
}

4
src/lnav_commands.cc
Unescape Escape View File

@ -3776,7 +3776,7 @@ public:
auto format = lf->get_format();
shared_buffer_ref sbr;
if (ll->is_continued()) {
if (!ll->is_message()) {
continue;
}
@ -3829,7 +3829,7 @@ public:
auto format = lf->get_format();
shared_buffer_ref sbr;
if (ll->is_continued()) {
if (!ll->is_message()) {
continue;
}

10
src/lnav_config.cc
Unescape Escape View File

@ -531,7 +531,7 @@ static struct json_path_container theme_styles_handlers = {
})
.with_children(style_config_handlers),
yajlpp::property_handler("skewed-time")
.with_description("Styling for timestamps ")
.with_description("Styling for timestamps that are different from the received time")
.with_obj_provider<style_config, lnav_theme>([](const yajlpp_provider_context &ypc, lnav_theme *root) {
return &root->lt_style_skewed_time;
})
@ -542,6 +542,12 @@ static struct json_path_container theme_styles_handlers = {
return &root->lt_style_offset_time;
})
.with_children(style_config_handlers),
yajlpp::property_handler("invalid-msg")
.with_description("Styling for invalid log messages")
.with_obj_provider<style_config, lnav_theme>([](const yajlpp_provider_context &ypc, lnav_theme *root) {
return &root->lt_style_invalid_msg;
})
.with_children(style_config_handlers),
yajlpp::property_handler("popup")
.with_description("Styling for popup windows")
.with_obj_provider<style_config, lnav_theme>([](const yajlpp_provider_context &ypc, lnav_theme *root) {
@ -702,7 +708,7 @@ static struct json_path_container theme_status_styles_handlers = {
};
static struct json_path_container theme_log_level_styles_handlers = {
yajlpp::pattern_property_handler("(?<level>trace|debug5|debug4|debug3|debug2|debug|info|stats|notice|warning|error|critical|fatal)")
yajlpp::pattern_property_handler("(?<level>trace|debug5|debug4|debug3|debug2|debug|info|stats|notice|warning|error|critical|fatal|invalid)")
.with_obj_provider<style_config, lnav_theme>([](const yajlpp_provider_context &ypc, lnav_theme *root) {
style_config &sc = root->lt_level_styles[
string2level(ypc.ypc_extractor.get_substr_i("level").get())];

7
src/lnav_util.hh
Unescape Escape View File

@ -53,6 +53,7 @@
#include "byte_array.hh"
#include "optional.hpp"
#include "base/result.h"
#include "base/intern_string.hh"
#include "fmt/format.h"
#include "ghc/filesystem.hpp"
@ -80,6 +81,12 @@ public:
return *this;
}
hasher &update(const string_fragment &str) {
this->h_context.Update(str.data(), str.length());
return *this;
}
hasher &update(const char *bits, size_t len) {
this->h_context.Update(bits, len);

2
src/log_data_helper.hh
Unescape Escape View File

@ -86,7 +86,7 @@ public:
this->ldh_y_offset += 1;
}
this->ldh_line = ll;
if (ll->is_continued()) {
if (!ll->is_message()) {
this->ldh_parser.reset();
this->ldh_scanner.reset();
this->ldh_namer.reset();

2
src/log_data_table.hh
Unescape Escape View File

@ -147,7 +147,7 @@ public:
std::shared_ptr<logfile> lf = lss.find(cl);
auto lf_iter = lf->begin() + cl;
if (lf_iter->is_continued()) {
if (!lf_iter->is_message()) {
return false;
}

49
src/log_format.cc
Unescape Escape View File

@ -119,6 +119,7 @@ logline_value::logline_value(const intern_string_t name,
case VALUE_STRUCT:
case VALUE_TEXT:
case VALUE_QUOTED:
case VALUE_W3C_QUOTED:
case VALUE_TIMESTAMP:
this->lv_sbr.subset(sbr, start, end - start);
break;
@ -181,23 +182,28 @@ std::string logline_value::to_string() const
return std::string(this->lv_sbr.get_data(), this->lv_sbr.length());
case VALUE_QUOTED:
case VALUE_W3C_QUOTED:
if (this->lv_sbr.length() == 0) {
return "";
} else {
switch (this->lv_sbr.get_data()[0]) {
case '\'':
case '"': {
auto unquote_func = this->lv_kind == VALUE_W3C_QUOTED ?
unquote_w3c : unquote;
char unquoted_str[this->lv_sbr.length()];
size_t unquoted_len;
unquoted_len = unquote(unquoted_str, this->lv_sbr.get_data(),
this->lv_sbr.length());
unquoted_len = unquote_func(unquoted_str,
this->lv_sbr.get_data(),
this->lv_sbr.length());
return std::string(unquoted_str, unquoted_len);
}
default:
return std::string(this->lv_sbr.get_data(), this->lv_sbr.length());
}
}
break;
case VALUE_INTEGER:
snprintf(buffer, sizeof(buffer), "%" PRId64, this->lv_value.i);
@ -596,7 +602,7 @@ static struct json_path_container json_log_rewrite_handlers = {
.add_cb(rewrite_json_field)
};
bool external_log_format::scan_for_partial(shared_buffer_ref &sbr, size_t &len_out)
bool external_log_format::scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) const
{
if (this->elf_type != ELF_TYPE_TEXT) {
return false;
@ -672,19 +678,19 @@ log_format::scan_result_t external_log_format::scan(logfile &lf,
}
else {
unsigned char *msg;
int line_count = 1;
int line_count = 2;
msg = yajl_get_error(handle, 1, (const unsigned char *)sbr.get_data(), sbr.length());
if (msg != nullptr) {
log_debug("Unable to parse line at offset %d: %s", li.li_file_range.fr_offset, msg);
line_count = count(msg, msg + strlen((char *) msg), '\n');
line_count = count(msg, msg + strlen((char *) msg), '\n') + 1;
yajl_free_error(handle, msg);
}
if (!this->lf_specialized) {
return log_format::SCAN_NO_MATCH;
}
for (int lpc = 0; lpc < line_count; lpc++) {
log_level_t level = LEVEL_ERROR;
log_level_t level = LEVEL_INVALID;
ll.set_time(dst.back().get_time());
if (lpc > 0) {
@ -827,6 +833,16 @@ log_format::scan_result_t external_log_format::scan(logfile &lf,
return log_format::SCAN_MATCH;
}
if (this->lf_specialized && !this->elf_multiline) {
auto& last_line = dst.back();
dst.emplace_back(li.li_file_range.fr_offset,
last_line.get_timeval(),
log_level_t::LEVEL_INVALID);
return log_format::SCAN_MATCH;
}
return log_format::SCAN_NO_MATCH;
}
@ -880,7 +896,7 @@ void external_log_format::annotate(uint64_t line_number, shared_buffer_ref &line
pcre_context_static<128> pc;
pcre_input pi(line.get_data(), 0, line.length());
struct line_range lr;
pcre_context::capture_t *cap, *body_cap, *module_cap = NULL;
pcre_context::capture_t *cap, *body_cap, *module_cap = nullptr;
if (this->elf_type != ELF_TYPE_TEXT) {
values = this->jlf_line_values;
@ -896,6 +912,12 @@ void external_log_format::annotate(uint64_t line_number, shared_buffer_ref &line
lr.lr_start = 0;
lr.lr_end = line.length();
sa.emplace_back(lr, &SA_BODY);
if (!this->elf_multiline) {
auto len = pat.p_pcre->match_partial(pi);
sa.emplace_back(line_range{(int) len, -1},
&SA_INVALID,
(void *) "Log line does not match any pattern");
}
return;
}
@ -1171,17 +1193,26 @@ void external_log_format::get_subline(const logline &ll, shared_buffer_ref &sbr,
(const unsigned char *)sbr.get_data(), sbr.length());
if (parse_status != yajl_status_ok ||
yajl_complete_parse(handle) != yajl_status_ok) {
unsigned char *msg;
unsigned char* msg;
string full_msg;
msg = yajl_get_error(handle, 1, (const unsigned char *)sbr.get_data(), sbr.length());
if (msg != nullptr) {
full_msg = fmt::format("lnav: unable to parse line at offset {}: {}", ll.get_offset(), msg);
full_msg = fmt::format(
"[offset: {}] {}\n{}",
ll.get_offset(),
fmt::string_view{sbr.get_data(), sbr.length()},
msg);
yajl_free_error(handle, msg);
}
this->jlf_cached_line.resize(full_msg.size());
memcpy(this->jlf_cached_line.data(), full_msg.data(), full_msg.size());
this->jlf_line_values.clear();
this->jlf_line_attrs.emplace_back(
line_range{0, -1},
&SA_INVALID,
(void *) "JSON line failed to parse");
} else {
std::vector<logline_value>::iterator lv_iter;
bool used_values[this->jlf_line_values.size()];

3
src/log_format.hh
Unescape Escape View File

@ -105,6 +105,7 @@ public:
VALUE_JSON,
VALUE_STRUCT,
VALUE_QUOTED,
VALUE_W3C_QUOTED,
VALUE_TIMESTAMP,
VALUE__MAX
@ -343,7 +344,7 @@ public:
const line_info &li,
shared_buffer_ref &sbr) = 0;
virtual bool scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) {
virtual bool scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) const {
return false;
};

2
src/log_format_ext.hh
Unescape Escape View File

@ -139,7 +139,7 @@ public:
const line_info &offset,
shared_buffer_ref &sbr);
bool scan_for_partial(shared_buffer_ref &sbr, size_t &len_out);
bool scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) const;
void annotate(uint64_t line_number, shared_buffer_ref &line, string_attrs_t &sa,
std::vector<logline_value> &values, bool annotate_module = true) const;

15
src/log_format_fwd.hh
Unescape Escape View File

@ -133,6 +133,17 @@ public:
this->ll_millis = tv.tv_usec / 1000;
};
void set_ignore(bool val) {
if (val) {
this->ll_level |= LEVEL_IGNORE;
}
else {
this->ll_level &= ~LEVEL_IGNORE;
}
};
bool is_ignored() const { return this->ll_level & LEVEL_IGNORE; }
void set_mark(bool val) {
if (val) {
this->ll_level |= LEVEL_MARK;
@ -182,6 +193,10 @@ public:
return level_names[this->ll_level & ~LEVEL__FLAGS];
};
bool is_message() const {
return (this->ll_level & (LEVEL_IGNORE|LEVEL_CONTINUED)) == 0;
}
bool is_continued() const {
return this->ll_level & LEVEL_CONTINUED;
};

605
src/log_format_impls.cc
Unescape Escape View File

@ -33,10 +33,13 @@
#include <stdio.h>
#include <utility>
#include "pcrepp/pcrepp.hh"
#include "sql_util.hh"
#include "log_format.hh"
#include "log_vtab_impl.hh"
#include "lnav_util.hh"
using namespace std;
@ -124,7 +127,7 @@ class generic_log_format : public log_format {
{
pcre_context_static<30> context;
pcre_input pi(line);
string new_line = "";
string new_line;
if (scrub_pattern().match(context, pi)) {
pcre_context::capture_t *cap;
@ -252,12 +255,12 @@ lnav_strnstr(const char *s, const char *find, size_t slen)
do {
do {
if (slen < 1 || (sc = *s) == '\0')
return (NULL);
return (nullptr);
--slen;
++s;
} while (sc != c);
if (len > slen)
return (NULL);
return (nullptr);
} while (strncmp(s, find, len) != 0);
s--;
}
@ -270,7 +273,7 @@ struct separated_string {
const char *ss_separator;
size_t ss_separator_len;
separated_string(const char *str = nullptr, size_t len = -1)
explicit separated_string(const char *str = nullptr, size_t len = -1)
: ss_str(str), ss_len(len), ss_separator(",") {
this->ss_separator_len = strlen(this->ss_separator);
};
@ -288,7 +291,7 @@ struct separated_string {
size_t i_index;
iterator(const separated_string &ss, const char *pos)
: i_parent(ss), i_pos(pos), i_index(0) {
: i_parent(ss), i_pos(pos), i_next_pos(pos), i_index(0) {
this->update();
};
@ -340,11 +343,11 @@ struct separated_string {
};
iterator begin() {
return iterator(*this, this->ss_str);
return {*this, this->ss_str};
};
iterator end() {
return iterator(*this, this->ss_str + this->ss_len);
return {*this, this->ss_str + this->ss_len};
};
};
@ -358,7 +361,7 @@ public:
std::string fd_collator;
int fd_numeric_index;
field_def(const intern_string_t name)
explicit field_def(const intern_string_t name)
: fd_name(name),
fd_kind(logline_value::VALUE_TEXT),
fd_identifier(false),
@ -418,6 +421,10 @@ public:
return SCAN_MATCH;
}
if (iter.index() >= this->blf_field_defs.size()) {
break;
}
const field_def &fd = this->blf_field_defs[iter.index()];
if (TS == fd.fd_name) {
@ -425,7 +432,7 @@ public:
if (this->lf_date_time.scan(sf.data(),
sf.length(),
NULL,
nullptr,
&tm,
tv)) {
this->lf_timestamp_flags = tm.et_flags;
@ -603,7 +610,6 @@ public:
if (!this->blf_format_name.empty() &&
!this->blf_separator.empty() &&
!this->blf_field_defs.empty()) {
this->blf_header_size = dst.size() - 1;
dst.clear();
return this->scan_int(dst, li, sbr);
}
@ -740,7 +746,6 @@ public:
bool full_message) {
}
size_t blf_header_size;
intern_string_t blf_format_name;
intern_string_t blf_separator;
intern_string_t blf_set_separator;
@ -750,5 +755,583 @@ public:
};
struct ws_separated_string {
const char *ss_str;
size_t ss_len;
explicit ws_separated_string(const char *str = nullptr, size_t len = -1)
: ss_str(str), ss_len(len) {
};
struct iterator {
enum class state_t {
NORMAL,
QUOTED,
};
const ws_separated_string &i_parent;
const char *i_pos;
const char *i_next_pos;
size_t i_index{0};
state_t i_state{state_t::NORMAL};
iterator(const ws_separated_string &ss, const char *pos)
: i_parent(ss), i_pos(pos), i_next_pos(pos) {
this->update();
};
void update() {
const auto &ss = this->i_parent;
bool done = false;
while (!done && this->i_next_pos < (ss.ss_str + ss.ss_len)) {
switch (this->i_state) {
case state_t::NORMAL:
if (*this->i_next_pos == '"') {
this->i_state = state_t::QUOTED;
} else if (isspace(*this->i_next_pos)) {
done = true;
}
break;
case state_t::QUOTED:
if (*this->i_next_pos == '"') {
this->i_state = state_t::NORMAL;
}
break;
}
if (!done) {
this->i_next_pos += 1;
}
}
};
iterator &operator++() {
const auto &ss = this->i_parent;
this->i_pos = this->i_next_pos;
while (this->i_pos < (ss.ss_str + ss.ss_len) &&
isspace(*this->i_pos)) {
this->i_pos += 1;
this->i_next_pos += 1;
}
this->update();
this->i_index += 1;
return *this;
};
string_fragment operator*() {
const auto &ss = this->i_parent;
int end = this->i_next_pos - ss.ss_str;
return string_fragment(ss.ss_str, this->i_pos - ss.ss_str, end);
};
bool operator==(const iterator &other) const {
return (&this->i_parent == &other.i_parent) &&
(this->i_pos == other.i_pos);
};
bool operator!=(const iterator &other) const {
return !(*this == other);
};
size_t index() const {
return this->i_index;
};
};
iterator begin() {
return {*this, this->ss_str};
};
iterator end() {
return {*this, this->ss_str + this->ss_len};
};
};
class w3c_log_format : public log_format {
public:
struct field_def {
const intern_string_t fd_name;
const intern_string_t fd_sql_name;
logline_value::kind_t fd_kind;
bool fd_identifier;
std::string fd_collator;
int fd_numeric_index;
explicit field_def(const intern_string_t name)
: fd_name(name),
fd_sql_name(intern_string::lookup(sql_safe_ident(name.to_string_fragment()))),
fd_kind(logline_value::VALUE_TEXT),
fd_identifier(false),
fd_numeric_index(-1) {
};
field_def(const char *name, logline_value::kind_t kind, bool ident = false, std::string coll = "")
: fd_name(intern_string::lookup(name)),
fd_sql_name(intern_string::lookup(sql_safe_ident(string_fragment(name)))),
fd_kind(kind),
fd_identifier(ident),
fd_collator(std::move(coll)),
fd_numeric_index(-1) {
}
field_def &with_kind(logline_value::kind_t kind,
bool identifier = false,
const std::string &collator = "") {
this->fd_kind = kind;
this->fd_identifier = identifier;
this->fd_collator = collator;
return *this;
};
field_def &with_numeric_index(int index) {
this->fd_numeric_index = index;
return *this;
}
};
w3c_log_format() {
this->lf_is_self_describing = true;
this->lf_time_ordered = false;
};
const intern_string_t get_name() const override {
static const intern_string_t name(intern_string::lookup("w3c"));
return this->wlf_format_name.empty() ? name : this->wlf_format_name;
};
void clear() override {
this->log_format::clear();
this->wlf_time_scanner.clear();
this->wlf_format_name.clear();
this->wlf_field_defs.clear();
};
scan_result_t scan_int(std::vector<logline> &dst,
const line_info &li,
shared_buffer_ref &sbr) {
static const intern_string_t DATE = intern_string::lookup("date");
static const intern_string_t DATE_LOCAL = intern_string::lookup("date-local");
static const intern_string_t DATE_UTC = intern_string::lookup("date-UTC");
static const intern_string_t TIME = intern_string::lookup("time");
static const intern_string_t TIME_LOCAL = intern_string::lookup("time-local");
static const intern_string_t TIME_UTC = intern_string::lookup("time-UTC");
static const intern_string_t STATUS_CODE = intern_string::lookup("sc-status");
ws_separated_string ss(sbr.get_data(), sbr.length());
struct timeval date_tv{0, 0}, time_tv{0, 0};
struct exttm date_tm, time_tm;
bool found_date = false, found_time = false;
log_level_t level = LEVEL_INFO;
for (auto iter = ss.begin(); iter != ss.end(); ++iter) {
if (iter.index() >= this->wlf_field_defs.size()) {
level = LEVEL_INVALID;
break;
}
const field_def &fd = this->wlf_field_defs[iter.index()];
string_fragment sf = *iter;
if (sf.startswith("#")) {
if (sf == "#Date:") {
date_time_scanner dts;
struct exttm tm;
struct timeval tv;
if (dts.scan(sbr.get_data_at(sf.length() + 1),
sbr.length() - sf.length() - 1,
nullptr,
&tm,
tv)) {
this->lf_date_time.set_base_time(tv.tv_sec);
this->wlf_time_scanner.set_base_time(tv.tv_sec);
}
}
dst.emplace_back(li.li_file_range.fr_offset, 0, 0, LEVEL_IGNORE, 0);
return SCAN_MATCH;
}
sf.trim("\" \t");
if (DATE == fd.fd_name ||
DATE_LOCAL == fd.fd_name ||
DATE_UTC == fd.fd_name) {
if (this->lf_date_time.scan(sf.data(),
sf.length(),
nullptr,
&date_tm,
date_tv)) {
this->lf_timestamp_flags |= date_tm.et_flags;
found_date = true;
}
} else if (TIME == fd.fd_name ||
TIME_LOCAL == fd.fd_name ||
TIME_UTC == fd.fd_name) {
if (this->wlf_time_scanner.scan(sf.data(),
sf.length(),
nullptr,
&time_tm,
time_tv)) {
this->lf_timestamp_flags |= time_tm.et_flags;
found_time = true;
}
} else if (STATUS_CODE == fd.fd_name) {
if (!sf.empty() && sf[0] >= '4') {
level = LEVEL_ERROR;
}
}
if (fd.fd_numeric_index >= 0) {
switch (fd.fd_kind) {
case logline_value::VALUE_INTEGER:
case logline_value::VALUE_FLOAT: {
char field_copy[sf.length() + 1];
double val;
if (sscanf(sf.to_string(field_copy), "%lf", &val) == 1) {
this->lf_value_stats[fd.fd_numeric_index].add_value(val);
}
break;
}
default:
break;
}
}
}
if (found_time) {
struct exttm tm = time_tm;
struct timeval tv;
if (found_date) {
tm.et_tm.tm_year = date_tm.et_tm.tm_year;
tm.et_tm.tm_mday = date_tm.et_tm.tm_mday;
tm.et_tm.tm_mon = date_tm.et_tm.tm_mon;
tm.et_tm.tm_wday = date_tm.et_tm.tm_wday;
tm.et_tm.tm_yday = date_tm.et_tm.tm_yday;
}
tv.tv_sec = tm2sec(&tm.et_tm);
tv.tv_usec = tm.et_nsec / 1000;
dst.emplace_back(li.li_file_range.fr_offset, tv, level, 0);
return SCAN_MATCH;
} else {
return SCAN_NO_MATCH;
}
}
scan_result_t scan(logfile &lf,
std::vector<logline> &dst,
const line_info &li,
shared_buffer_ref &sbr) override {
static const field_def KNOWN_FIELDS[] = {
{
"cs-method",
logline_value::kind_t::VALUE_TEXT,
true,
},
{
"c-ip",
logline_value::kind_t::VALUE_TEXT,
true,
"ipaddress",
},
{
"cs-bytes",
logline_value::kind_t::VALUE_INTEGER,
false,
},
{
"cs-host",
logline_value::kind_t::VALUE_TEXT,
true,
},
{
"cs-uri-stem",
logline_value::kind_t::VALUE_TEXT,
true,
"naturalnocase",
},
{
"cs-uri-query",
logline_value::kind_t::VALUE_TEXT,
false,
},
{
"cs-username",
logline_value::kind_t::VALUE_TEXT,
false,
},
{
"cs-version",
logline_value::kind_t::VALUE_TEXT,
true,
},
{
"s-ip",
logline_value::kind_t::VALUE_TEXT,
true,
"ipaddress",
},
{
"s-port",
logline_value::kind_t::VALUE_INTEGER,
true,
},
{
"s-computername",
logline_value::kind_t::VALUE_TEXT,
true,
},
{
"s-sitename",
logline_value::kind_t::VALUE_TEXT,
true,
},
{
"sc-bytes",
logline_value::kind_t::VALUE_INTEGER,
false,
},
{
"sc-status",
logline_value::kind_t::VALUE_INTEGER,
false,
},
{
"time-taken",
logline_value::kind_t::VALUE_FLOAT,
false,
},
};
if (!this->wlf_format_name.empty()) {
return this->scan_int(dst, li, sbr);
}
if (dst.empty() || dst.size() > 20 || sbr.empty() || sbr.get_data()[0] == '#') {
return SCAN_NO_MATCH;
}
this->clear();
for (auto line_iter = dst.begin(); line_iter != dst.end(); ++line_iter) {
auto next_read_result = lf.read_line(line_iter);
if (next_read_result.isErr()) {
return SCAN_NO_MATCH;
}
auto line = next_read_result.unwrap();
ws_separated_string ss(line.get_data(), line.length());
auto iter = ss.begin();
string_fragment directive = *iter;
if (directive.empty() || directive[0] != '#') {
continue;
}
++iter;
if (iter == ss.end()) {
continue;
}
if (directive == "#Date:") {
date_time_scanner dts;
struct exttm tm;
struct timeval tv;
if (dts.scan(line.get_data_at(directive.length() + 1),
line.length() - directive.length() - 1,
nullptr,
&tm,
tv)) {
this->lf_date_time.set_base_time(tv.tv_sec);
this->wlf_time_scanner.set_base_time(tv.tv_sec);
}
} else if (directive == "#Fields:") {
hasher id_hash;
int numeric_count = 0;
do {
string_fragment sf = *iter;
id_hash.update(sf);
sf.trim(")");
auto field_iter = std::find_if(begin(KNOWN_FIELDS),
end(KNOWN_FIELDS),
[&sf](auto elem) {
return sf == elem.fd_name;
});
if (field_iter != end(KNOWN_FIELDS)) {
this->wlf_field_defs.emplace_back(*field_iter);
} else {
this->wlf_field_defs.emplace_back(
intern_string::lookup(sf));
}
auto& fd = this->wlf_field_defs.back();
switch (fd.fd_kind) {
case logline_value::kind_t::VALUE_FLOAT:
case logline_value::kind_t::VALUE_INTEGER:
fd.with_numeric_index(numeric_count);
numeric_count += 1;
break;
default:
break;
}
++iter;
} while (iter != ss.end());
this->wlf_format_name = intern_string::lookup(fmt::format(
"w3c_{}_log", id_hash.to_string().substr(0, 6)));
this->lf_value_stats.resize(numeric_count);
}
}
if (!this->wlf_format_name.empty() &&
!this->wlf_field_defs.empty()) {
dst.clear();
return this->scan_int(dst, li, sbr);
}
this->wlf_format_name.clear();
this->lf_value_stats.clear();
return SCAN_NO_MATCH;
};
void annotate(uint64_t line_number, shared_buffer_ref &sbr, string_attrs_t &sa,
std::vector<logline_value> &values, bool annotate_module) const override {
ws_separated_string ss(sbr.get_data(), sbr.length());
for (auto iter = ss.begin(); iter != ss.end(); ++iter) {
string_fragment sf = *iter;
if (iter.index() >= this->wlf_field_defs.size()) {
sa.emplace_back(line_range{sf.sf_begin, -1},
&SA_INVALID,
(void *) "extra fields detected");
return;
}
const field_def &fd = this->wlf_field_defs[iter.index()];
logline_value::kind_t kind = fd.fd_kind;
if (sf == "-") {
sf.invalidate();
kind = logline_value::VALUE_NULL;
}
auto lr = line_range(sf.sf_begin, sf.sf_end);
if (lr.is_valid()) {
values.emplace_back(fd.fd_sql_name,
sf.startswith("\"") ?
logline_value::kind_t::VALUE_W3C_QUOTED :
kind,
sbr,
fd.fd_identifier,
nullptr,
iter.index(),
lr.lr_start,
lr.lr_end,
false,
this);
} else {
values.emplace_back(fd.fd_sql_name, this);
}
}
};
const logline_value_stats *stats_for_value(const intern_string_t &name) const override {
const logline_value_stats *retval = nullptr;
for (const auto & wlf_field_def : this->wlf_field_defs) {
if (wlf_field_def.fd_sql_name == name) {
if (wlf_field_def.fd_numeric_index < 0) {
break;
}
retval = &this->lf_value_stats[wlf_field_def.fd_numeric_index];
break;
}
}
return retval;
};
std::shared_ptr<log_format> specialized(int fmt_lock = -1) override {
return make_shared<w3c_log_format>(*this);
};
class w3c_log_table : public log_format_vtab_impl {
public:
explicit w3c_log_table(const w3c_log_format &format)
: log_format_vtab_impl(format), wlt_format(format) {
}
void get_columns(vector<vtab_column> &cols) const override {
for (const auto &fd : this->wlt_format.wlf_field_defs) {
std::pair<int, unsigned int> type_pair = log_vtab_impl::logline_value_to_sqlite_type(fd.fd_kind);
cols.emplace_back(fd.fd_sql_name.to_string(), type_pair.first, fd.fd_collator, false, "", type_pair.second);
}
};
void get_foreign_keys(std::vector<std::string> &keys_inout) const override {
this->log_vtab_impl::get_foreign_keys(keys_inout);
for (const auto &fd : this->wlt_format.wlf_field_defs) {
if (fd.fd_identifier) {
keys_inout.push_back(fd.fd_sql_name.to_string());
}
}
}
const w3c_log_format &wlt_format;
};
static map<intern_string_t, std::shared_ptr<w3c_log_table>> &get_tables() {
static map<intern_string_t, std::shared_ptr<w3c_log_table>> retval;
return retval;
};
std::shared_ptr<log_vtab_impl> get_vtab_impl() const override {
if (this->wlf_format_name.empty()) {
return nullptr;
}
std::shared_ptr<w3c_log_table> retval = nullptr;
auto &tables = get_tables();
auto iter = tables.find(this->wlf_format_name);
if (iter == tables.end()) {
retval = std::make_shared<w3c_log_table>(*this);
tables[this->wlf_format_name] = retval;
}
return retval;
};
void get_subline(const logline &ll,
shared_buffer_ref &sbr,
bool full_message) override {
}
date_time_scanner wlf_time_scanner;
intern_string_t wlf_format_name;
vector<field_def> wlf_field_defs;
};
log_format::register_root_format<bro_log_format> bro_log_instance;
log_format::register_root_format<w3c_log_format> w3c_log_instance;
log_format::register_root_format<generic_log_format> generic_log_instance;

7
src/log_format_loader.cc
Unescape Escape View File

@ -1015,7 +1015,7 @@ void load_formats(const std::vector<ghc::filesystem::path> &extra_paths,
}
}
for (auto elf : alpha_ordered_formats) {
for (const auto& elf : alpha_ordered_formats) {
for (auto & popped_format : popped_formats) {
elf->elf_collision.remove(popped_format);
}
@ -1028,7 +1028,10 @@ void load_formats(const std::vector<ghc::filesystem::path> &extra_paths,
}
auto &roots = log_format::get_root_formats();
roots.insert(roots.begin(), graph_ordered_formats.begin(), graph_ordered_formats.end());
auto iter = std::find_if(roots.begin(), roots.end(), [](const auto& elem) {
return elem->get_name() == "generic_log";
});
roots.insert(iter, graph_ordered_formats.begin(), graph_ordered_formats.end());
}
static void exec_sql_in_path(sqlite3 *db, const ghc::filesystem::path &path, std::vector<string> &errors)

11
src/log_level.cc
Unescape Escape View File

@ -31,6 +31,7 @@
#include <ctype.h>
#include "base/lnav_log.hh"
#include "log_level.hh"
const char *level_names[LEVEL__MAX + 1] = {
@ -48,6 +49,7 @@ const char *level_names[LEVEL__MAX + 1] = {
"error",
"critical",
"fatal",
"invalid",
nullptr
};
@ -77,6 +79,15 @@ log_level_t abbrev2level(const char *levelstr, ssize_t len)
}
return LEVEL_DEBUG;
case 'I':
if (len == 7 &&
toupper(levelstr[1]) == 'N' &&
toupper(levelstr[2]) == 'V' &&
toupper(levelstr[3]) == 'A' &&
toupper(levelstr[4]) == 'L' &&
toupper(levelstr[5]) == 'I' &&
toupper(levelstr[6]) == 'D') {
return LEVEL_INVALID;
}
return LEVEL_INFO;
case 'S':
return LEVEL_STATS;

3
src/log_level.hh
Unescape Escape View File

@ -52,15 +52,18 @@ enum log_level_t : int {
LEVEL_ERROR,
LEVEL_CRITICAL,
LEVEL_FATAL,
LEVEL_INVALID,
LEVEL__MAX,
LEVEL_IGNORE = 0x10, /*< Ignore */
LEVEL_TIME_SKEW = 0x20, /*< Received after timestamp. */
LEVEL_MARK = 0x40, /*< Bookmarked line. */
LEVEL_CONTINUED = 0x80, /*< Continuation of multiline entry. */
/** Mask of flags for the level field. */
LEVEL__FLAGS = (
LEVEL_IGNORE |
LEVEL_TIME_SKEW |
LEVEL_MARK |
LEVEL_CONTINUED

2
src/log_search_table.cc
Unescape Escape View File

@ -108,7 +108,7 @@ bool log_search_table::next(log_cursor &lc, logfile_sub_source &lss)
auto lf = lss.find(cl);
auto lf_iter = lf->begin() + cl;
if (lf_iter->is_continued()) {
if (!lf_iter->is_message()) {
return false;
}

12
src/log_vtab_impl.cc
Unescape Escape View File

@ -141,6 +141,7 @@ pair<int, unsigned int> log_vtab_impl::logline_value_to_sqlite_type(logline_valu
case logline_value::VALUE_TEXT:
case logline_value::VALUE_STRUCT:
case logline_value::VALUE_QUOTED:
case logline_value::VALUE_W3C_QUOTED:
case logline_value::VALUE_TIMESTAMP:
type = SQLITE3_TEXT;
break;
@ -593,6 +594,7 @@ static int vt_column(sqlite3_vtab_cursor *cur, sqlite3_context *ctx, int col)
SQLITE_TRANSIENT);
break;
}
case logline_value::VALUE_W3C_QUOTED:
case logline_value::VALUE_QUOTED:
if (lv_iter->lv_sbr.length() == 0) {
sqlite3_result_text(ctx, "", 0, SQLITE_STATIC);
@ -606,11 +608,15 @@ static int vt_column(sqlite3_vtab_cursor *cur, sqlite3_context *ctx, int col)
case '"': {
char *val = (char *)sqlite3_malloc(text_len);
if (val == NULL) {
if (val == nullptr) {
sqlite3_result_error_nomem(ctx);
}
else {
size_t unquoted_len = unquote(val, text_value, text_len);
auto unquote_func =
lv_iter->lv_kind == logline_value::VALUE_W3C_QUOTED ?
unquote_w3c : unquote;
size_t unquoted_len = unquote_func(val, text_value, text_len);
sqlite3_result_text(ctx, val, unquoted_len, sqlite3_free);
}
break;
@ -899,7 +905,7 @@ static int vt_update(sqlite3_vtab *tab,
vis_line_t vl(rowid);
content_line_t cl = vt->lss->at(vl);
logline *ll = vt->lss->find_line(cl);
if (!ll->is_continued()) {
if (ll->is_message()) {
break;
}
vt->tc->set_user_mark(&textview_curses::BM_USER, vl, val);

4
src/log_vtab_impl.hh
Unescape Escape View File

@ -116,7 +116,7 @@ public:
std::shared_ptr<logfile> lf = lss.find(cl);
auto lf_iter = lf->begin() + cl;
if (lf_iter->is_continued()) {
if (!lf_iter->is_message()) {
return false;
}
@ -174,7 +174,7 @@ public:
auto lf_iter = lf->begin() + cl;
uint8_t mod_id = lf_iter->get_module_id();
if (lf_iter->is_continued()) {
if (!lf_iter->is_message()) {
return false;
}

5
src/logfile.cc
Unescape Escape View File

@ -403,8 +403,6 @@ logfile::rebuild_result_t logfile::rebuild_index()
size_t old_size = this->lf_index.size();
// Update this early so that line_length() works
this->lf_index_size = li.li_file_range.next_offset();
if (old_size == 0) {
file_range fr = this->lf_line_buffer.get_available();
auto avail_data = this->lf_line_buffer.read_range(fr);
@ -432,6 +430,9 @@ logfile::rebuild_result_t logfile::rebuild_index()
old_size = 0;
}
// Update this early so that line_length() works
this->lf_index_size = li.li_file_range.next_offset();
if (this->lf_logline_observer != nullptr) {
this->lf_logline_observer->logline_new_lines(
*this, this->begin() + old_size, this->end(), sbr);

2
src/logfile.hh
Unescape Escape View File

@ -287,7 +287,7 @@ public:
auto retval = ll;
while (retval != this->begin() &&
(retval->get_sub_offset() != 0 || retval->is_continued())) {
(retval->get_sub_offset() != 0 || !retval->is_message())) {
--retval;
}

39
src/logfile_sub_source.cc
Unescape Escape View File

@ -368,6 +368,19 @@ void logfile_sub_source::text_attrs_for_line(textview_curses &lv,
value_out.emplace_back(lr, &view_curses::VC_STYLE, attrs);
if (this->lss_token_line->get_msg_level() == log_level_t::LEVEL_INVALID) {
for (auto& token_attr : this->lss_token_attrs) {
if (token_attr.sa_type != &SA_INVALID) {
continue;
}
value_out.emplace_back(token_attr.sa_range,
&view_curses::VC_ROLE,
view_colors::VCR_INVALID_MSG);
}
}
for (const auto &line_value : line_values) {
if ((!(this->lss_token_flags & RF_FULL) &&
line_value.lv_sub_offset != this->lss_token_line->get_sub_offset()) ||
@ -523,8 +536,8 @@ void logfile_sub_source::text_attrs_for_line(textview_curses &lv,
value_out, &logline::L_TIMESTAMP);
if (time_range.lr_end != -1) {
attrs = vc.attrs_for_role(view_colors::VCR_ADJUSTED_TIME);
value_out.emplace_back(time_range, &view_curses::VC_STYLE, attrs);
value_out.emplace_back(time_range, &view_curses::VC_ROLE,
view_colors::VCR_ADJUSTED_TIME);
}
}
else if ((((this->lss_token_line->get_time() / (5 * 60)) % 2) == 0) &&
@ -533,8 +546,8 @@ void logfile_sub_source::text_attrs_for_line(textview_curses &lv,
value_out, &logline::L_TIMESTAMP);
if (time_range.lr_end != -1) {
attrs = vc.attrs_for_role(view_colors::VCR_ALT_ROW);
value_out.emplace_back(time_range, &view_curses::VC_STYLE, attrs);
value_out.emplace_back(time_range, &view_curses::VC_ROLE,
view_colors::VCR_ALT_ROW);
}
}
@ -543,8 +556,8 @@ void logfile_sub_source::text_attrs_for_line(textview_curses &lv,
value_out, &logline::L_TIMESTAMP);
if (time_range.lr_end != -1) {
attrs = vc.attrs_for_role(view_colors::VCR_SKEWED_TIME);
value_out.emplace_back(time_range, &view_curses::VC_STYLE, attrs);
value_out.emplace_back(time_range, &view_curses::VC_ROLE,
view_colors::VCR_SKEWED_TIME);
}
}
@ -727,7 +740,7 @@ logfile_sub_source::rebuild_result logfile_sub_source::rebuild_index()
for (iter = this->lss_files.begin();
iter != this->lss_files.end();
iter++) {
if ((*iter)->get_file() == NULL)
if ((*iter)->get_file() == nullptr)
continue;
(*iter)->ld_lines_indexed = (*iter)->get_file()->size();
@ -738,7 +751,7 @@ logfile_sub_source::rebuild_result logfile_sub_source::rebuild_index()
uint32_t filter_in_mask, filter_out_mask;
this->get_filters().get_enabled_mask(filter_in_mask, filter_out_mask);
if (start_size == 0 && this->lss_index_delegate != NULL) {
if (start_size == 0 && this->lss_index_delegate != nullptr) {
this->lss_index_delegate->index_start(*this);
}
@ -755,6 +768,10 @@ logfile_sub_source::rebuild_result logfile_sub_source::rebuild_index()
auto line_iter = (*ld)->get_file()->begin() + line_number;
if (line_iter->is_ignored()) {
continue;
}
if (!this->tss_apply_filters ||
(!(*ld)->ld_filter_state.excluded(filter_in_mask, filter_out_mask,
line_number) &&
@ -826,7 +843,7 @@ void logfile_sub_source::text_update_marks(vis_bookmarks &bm)
}
auto line_iter = lf->begin() + cl;
if (!line_iter->is_continued()) {
if (line_iter->is_message()) {
switch (line_iter->get_msg_level()) {
case LEVEL_WARNING:
bm[&BM_WARNINGS].insert_once(vl);
@ -855,7 +872,7 @@ log_accel::direction_t logfile_sub_source::get_line_accel_direction(
while (vl >= 0) {
logline *curr_line = this->find_line(this->at(vl));
if (curr_line->is_continued()) {
if (!curr_line->is_message()) {
--vl;
continue;
}
@ -1257,7 +1274,7 @@ log_location_history::loc_history_forward(vis_line_t current_top)
bool sql_filter::matches(const logfile &lf, logfile::const_iterator ll,
shared_buffer_ref &line)
{
if (ll->is_continued()) {
if (!ll->is_message()) {
return false;
}
if (this->sf_filter_stmt == nullptr) {

31
src/readline_curses.cc
Unescape Escape View File

@ -457,6 +457,37 @@ readline_context::readline_context(const std::string &name,
this->rc_append_character = ' ';
}
void readline_context::load()
{
char buffer[128];
rl_completer_word_break_characters = (char *)" \t\n|()"; /* XXX */
/*
* XXX Need to keep the input on a single line since the display screws
* up if it wraps around.
*/
snprintf(buffer, sizeof(buffer),
"set completion-ignore-case %s",
this->rc_case_sensitive ? "off" : "on");
rl_parse_and_bind(buffer); /* NOTE: buffer is modified */
loaded_context = this;
rl_attempted_completion_function = attempted_completion;
history_set_history_state(&this->rc_history);
for (auto &rc_var : this->rc_vars) {
*(rc_var.rv_dst.ch) = (char *) rc_var.rv_val.ch;
}
}
void readline_context::save()
{
HISTORY_STATE *hs = history_get_history_state();
this->rc_history = *hs;
free(hs);
hs = nullptr;
}
readline_curses::readline_curses()
: rc_change(noop_func{}),
rc_perform(noop_func{}),

31
src/readline_curses.hh
Unescape Escape View File

@ -101,36 +101,9 @@ public:
const std::string &get_name() const { return this->rc_name; };
void load()
{
char buffer[128];
rl_completer_word_break_characters = (char *)" \t\n|()"; /* XXX */
/*
* XXX Need to keep the input on a single line since the display screws
* up if it wraps around.
*/
snprintf(buffer, sizeof(buffer),
"set completion-ignore-case %s",
this->rc_case_sensitive ? "off" : "on");
rl_parse_and_bind(buffer); /* NOTE: buffer is modified */
loaded_context = this;
rl_attempted_completion_function = attempted_completion;
history_set_history_state(&this->rc_history);
for (auto &rc_var : this->rc_vars) {
*(rc_var.rv_dst.ch) = (char *) rc_var.rv_val.ch;
}
};
void load();
void save()
{
HISTORY_STATE *hs = history_get_history_state();
this->rc_history = *hs;
free(hs);
hs = nullptr;
};
void save();
void add_possibility(const std::string& type, const std::string& value)
{

6
src/sql_util.cc
Unescape Escape View File

@ -287,7 +287,7 @@ static int handle_table_list(void *ptr,
{
struct table_list_data *tld = (struct table_list_data *)ptr;
(*tld->tld_iter)->second.push_back(colvalues[0]);
(*tld->tld_iter)->second.emplace_back(colvalues[0]);
if (!tld->tld_callbacks->smc_table_list) {
return 0;
}
@ -657,7 +657,7 @@ string sql_safe_ident(const string_fragment &ident)
char ch = retval[lpc];
if (isalnum(ch) || ch == '_') {
retval[lpc] = ch;
retval[lpc] = tolower(ch);
} else {
retval[lpc] = '_';
}
@ -703,7 +703,7 @@ void sql_compile_script(sqlite3 *db,
log_error("unable to allocate error message");
break;
}
errors.push_back(full_msg.in());
errors.emplace_back(full_msg.in());
break;
} else if (script == tail) {
break;

1
src/string_attr_type.cc
Unescape Escape View File

@ -36,3 +36,4 @@ string_attr_type SA_BODY("body");
string_attr_type SA_HIDDEN("hidden");
string_attr_type SA_FORMAT("format");
string_attr_type SA_REMOVED("removed");
string_attr_type SA_INVALID("invalid");

1
src/string_attr_type.hh
Unescape Escape View File

@ -45,5 +45,6 @@ extern string_attr_type SA_BODY;
extern string_attr_type SA_HIDDEN;
extern string_attr_type SA_FORMAT;
extern string_attr_type SA_REMOVED;
extern string_attr_type SA_INVALID;
#endif

1
src/styling.hh
Unescape Escape View File

@ -142,6 +142,7 @@ struct lnav_theme {
style_config lt_style_adjusted_time;
style_config lt_style_skewed_time;
style_config lt_style_offset_time;
style_config lt_style_invalid_msg;
style_config lt_style_status_title;
style_config lt_style_status_title_hotkey;
style_config lt_style_status_disabled_title;

2
src/textview_curses.cc
Unescape Escape View File

@ -79,7 +79,7 @@ void text_filter::add_line(
logfile_filter_state &lfs, logfile::const_iterator ll, shared_buffer_ref &line) {
bool match_state = this->matches(*lfs.tfs_logfile, ll, line);
if (!ll->is_continued()) {
if (ll->is_message()) {
this->end_of_message(lfs);
}

3
src/themes/default-theme.json
Unescape Escape View File

@ -40,6 +40,9 @@
"offset-time": {
"color": "Teal"
},
"invalid-msg": {
"color": "Yellow"
},
"popup": {
"color": "Silver",
"background-color": "Teal"

3
src/themes/eldar.json
Unescape Escape View File

@ -51,6 +51,9 @@
"offset-time": {
"color": "$cyan"
},
"invalid-msg": {
"color": "$yellow"
},
"popup": {
"color": "$black",
"background-color": "Grey37"

3
src/themes/monocai.json
Unescape Escape View File

@ -51,6 +51,9 @@
"offset-time": {
"color": "$cyan"
},
"invalid-msg": {
"color": "$yellow"
},
"popup": {
"color": "$white",
"background-color": "$cyan"

3
src/themes/night-owl.json
Unescape Escape View File

@ -50,6 +50,9 @@
"offset-time": {
"color": "$cyan"
},
"invalid-msg": {
"color": "$yellow"
},
"popup": {
"color": "$base00",
"background-color": "$base3"

3
src/themes/solarized-dark.json
Unescape Escape View File

@ -60,6 +60,9 @@
"offset-time": {
"color": "$cyan"
},
"invalid-msg": {
"color": "$yellow"
},
"popup": {
"color": "$base00",
"background-color": "$base3"

3
src/themes/solarized-light.json
Unescape Escape View File

@ -60,6 +60,9 @@
"offset-time": {
"color": "$cyan"
},
"invalid-msg": {
"color": "$yellow"
},
"popup": {
"color": "$base00",
"background-color": "$base3"

6
src/view_curses.cc
Unescape Escape View File

@ -439,12 +439,12 @@ void view_curses::mvwattrline(WINDOW *window,
if (attr_range.lr_end > attr_range.lr_start) {
int awidth = attr_range.length();
int color_pair;
int color_pair = 0;
if (iter->sa_type == &VC_STYLE) {
attrs = iter->sa_value.sav_int & ~A_COLOR;
color_pair = PAIR_NUMBER(iter->sa_value.sav_int);
} else {
} else if (iter->sa_type == &VC_ROLE) {
attrs = vc.attrs_for_role((view_colors::role_t) iter->sa_value.sav_int);
color_pair = PAIR_NUMBER(attrs);
attrs = attrs & ~A_COLOR;
@ -808,6 +808,8 @@ void view_colors::init_roles(const lnav_theme &lt,
color_pair_base, lt, lt.lt_style_skewed_time, lt.lt_style_text, reporter);
this->vc_role_colors[VCR_OFFSET_TIME] = this->to_attrs(
color_pair_base, lt, lt.lt_style_offset_time, lt.lt_style_text, reporter);
this->vc_role_colors[VCR_INVALID_MSG] = this->to_attrs(
color_pair_base, lt, lt.lt_style_invalid_msg, lt.lt_style_text, reporter);
this->vc_role_colors[VCR_STATUS] = this->to_attrs(color_pair_base,
lt, lt.lt_style_status, lt.lt_style_status, reporter);

1
src/view_curses.hh
Unescape Escape View File

@ -198,6 +198,7 @@ public:
VCR_ADJUSTED_TIME,
VCR_SKEWED_TIME,
VCR_OFFSET_TIME,
VCR_INVALID_MSG,
VCR_STATUS, /*< Normal status line text. */
VCR_WARN_STATUS,
VCR_ALERT_STATUS, /*< Alert status line text. */

2
src/view_helpers.cc
Unescape Escape View File

@ -90,7 +90,7 @@ static void open_pretty_view()
auto ll = lf->begin() + cl;
shared_buffer_ref sbr;
if (!first_line && ll->is_continued()) {
if (!first_line && !ll->is_message()) {
continue;
}
auto ll_start = lf->message_start(ll);

4
test/drive_logfile.cc
Unescape Escape View File

@ -157,6 +157,10 @@ int main(int argc, char *argv[])
case MODE_TIMES:
for (logfile::iterator iter = lf.begin();
iter != lf.end(); ++iter) {
if (iter->is_ignored()) {
continue;
}
char buffer[1024];
time_t lt;

5
test/logfile_w3c.0
Unescape Escape View File

@ -0,0 +1,5 @@
#Software: Microsoft HTTP Server API 2.0
#Version: 1.0 // the log file version as it's described by "https://www.w3.org/TR/WD-logfile".
#Date: 2002-05-02 17:42:15 // when the first log file entry was recorded, which is when the entire log file was created.
#Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2002-05-02 17:42:15 172.22.255.255 - 172.30.255.255 80 GET /images/picture.jpg - 200 Mozilla/4.0+(compatible;MSIE+5.5;+Windows+2000+Server)

7
test/logfile_w3c.1
Unescape Escape View File

@ -0,0 +1,7 @@
#Version: 1.0
#GMT-Offset: -0800
#Software: Oracle9iAS Web Cache/2.0.0.2.0
#Start-Date: 2001-10-31 00:00:18
#Fields: c-ip c-dns c-auth-id date time cs-method cs-uri sc-status bytes cs(Cookie) cs(Referrer) time-taken cs(User-Agent)
#Date: 2001-10-31 00:00:18
64.103.37.2 client_joaz7 DMS.user 2001-10-31 00:00:18 GET /admin/images/oc_bottomleft.gif 200 350 "BIGipServerwww_webcache_pool=1443321748.19460.0000;ORA_UCM_AGID=%2fMP%2f8M7%3etSHPV%40%2fS%3f%3fDh3VHO" "http://www.oracle.com/nl/partner/content.html" 370879 "Mozilla/4.5 [en] (WinNT; I)"

22
test/logfile_w3c.2
Unescape Escape View File

@ -0,0 +1,22 @@
#Software: Microsoft Internet Information Server 4.0
#Version: 1.0
#Date: 2000-10-09 16:44:49
#Fields: time c-ip cs-method cs-uri-stem sc-status
16:44:49 1.1.1.1 [2]USER anonymous 331
16:44:49 1.1.1.1 [2]PASS - 230
16:48:05 1.1.1.1 [2]QUIT - 226
16:48:17 1.1.1.1 [3]USER anonymous 331
16:48:24 1.1.1.1 [3]PASS user@domain.com 230
16:48:35 1.1.1.1 [3]sent /user/test.c 226
16:48:41 1.1.1.1 [3]created readme.txt 226
16:48:41 1.1.1.1 [3]created fileid.diz 226
16:48:41 1.1.1.1 [3]created names.dll 226
16:48:41 1.1.1.1 [3]created TEST.EXE 226
16:48:44 1.1.1.1 [3]QUIT - 226
#Software: Microsoft Internet Information Server 4.0
#Version: 1.0
#Date: 2000-10-10 16:44:49
#Fields: time c-ip cs-method cs-uri-stem sc-status
16:44:49 1.1.1.1 [2]USER anonymous 331
16:44:49 1.1.1.1 [2]PASS - 230
16:48:05 1.1.1.1 [2]QUIT - 226

10
test/logfile_w3c.3
Unescape Escape View File

@ -0,0 +1,10 @@
#Software: IIS Advanced Logging Module
#Version: 1.0
#Start-Date: 2014-11-18 00:00:00.128
#Fields: date-local time-local s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) cs(Host) sc-status sc-substatus sc-win32-status TimeTakenMS
2012-08-15 17:00:00.363 1.2.3.4 GET /Products/theProduct - 80 - "70.95.0.0" "Mozilla/5.0 (Linux; Android 4.4.4; SM-G900V Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.59 Mobile Safari/537.36" "http://example.com/Search/SearchResults.pg?informationRecipient.languageCode.c=en" "xzy.example.com" 200 0 0 109
2012-08-15 17:00:00.660 10.10.28.140 GET /Topic/hw43061 - 80 - - "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36" - "example.hello.com" 301 0 0 0
2012-08-15 17:00:00.675 10.10.28.140 GET /hello/world/6,681965 - 80 - "173.5.0.0" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36" - "hello.example.com" 404 " ""garbage"" w/ spaces " 0 359

6
test/logfile_w3c.4
Unescape Escape View File

@ -0,0 +1,6 @@
#Software: Incapsula LOGS API
#Version: 1.1
#Date: 28/Jun/2017 07:28:59
#Fields: date time cs-vid cs-clapp cs-browsertype cs-js-support cs-co-support c-ip s-caip cs-clappsig s-capsupport s-suid cs(User-Agent) cs-sessionid s-siteid cs-countrycode s-tag cs-cicode s-computername cs-lat cs-long s-accountname cs-uri cs-postbody cs-version sc-action s-externalid cs(Referrer) s-ip s-port cs-method cs-uri-query sc-status s-xff cs-bytes cs-start cs-rule cs-severity cs-attacktype cs-attackid s-ruleName
"2017-06-28" "07:26:35" "a1f36498-c34a-45b9-b3a5-ee0bd00f91b6" "Chrome" "Browser" "false" "true" "123.123.123.123" "" "62a660e57ba257275cf7ccf699919eae18e07e84cb11c1075e99b1be98456059d3064ec14d3932ba6e89f5393a158b8b8c2572ad7ad7dadb0fe02a34ae4c3d504c035017bf9a6a7802bb898226378938" "NA" "774502" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" "452000660051880893" "44850949" "SE" "LS" "Stockholm" "www.example.com" "32.0000" "32.0000" "Customer" "www.example.com/page.php" "" "HTTP" "REQ_PASSED" "118866685985031205" "" "124.124.124.124" "80" "GET" "variable=test" "200" "123.123.123.123" "10117" "1498634795555" "" "" "" "" ""
"2017-06-26" "18:21:17" "daf5e234-24fc-4a69-985c-ab923529b393" "Firefox" "Browser" "false" "true" "125.125.125.125" "" "030404c9ac184e57a6c956e6bfad11dc23186ea6cf166908c6bc7db81aab7170e33740ea4d2972210f96e3365d25eb25a222f316a4f9221f39e56035fa9a49c80f9eedd9b846bb0491abe72a4b988e7cd3e7117283cee9f556726334972b7ce9" "NA" "774502" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 Lightning/4.7.8" "000000830000750000" "85437078" "SE" "XX" "Town" "www.example.com" "66.3333" "66.3333" "Company" "www.example.com/rss/news" "" "HTTP" "REQ_BAD_SERVER_CLOSED_CONNECTION" "3004162128217401" "" "125.125.125.125" "80" "GET" "" "" "125.125.125.125" "" "1498501277430" "" "" "" "" ""

2
test/logfile_w3c.5
Unescape Escape View File

@ -0,0 +1,2 @@
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query
2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 283

5
test/logfile_w3c.6
Unescape Escape View File

@ -0,0 +1,5 @@
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 00:32:17
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 ÄÖÜäöüßßMözillä/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 283

254
test/logfile_w3c_big.0
Unescape Escape View File

@ -0,0 +1,254 @@
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 00:32:17
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 283
2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 157
2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 152
2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 149
2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 137
2015-01-13 00:32:26 100.79.192.81 GET /p/eToken1.png - 80 - 207.46.13.64 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 245 157
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 02:05:40
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 02:05:40 100.79.192.81 GET /48672181611.html - 80 - 180.111.242.129 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0) - 404 0 2 1405 141 2411
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 08:22:18
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 08:22:18 100.79.192.81 GET /robots.txt - 80 - 66.249.78.6 Mozilla/5.0+(compatible;+Googlebot/2.1;++http://www.google.com/bot.html) - 404 0 2 1405 250 156
2015-01-13 08:22:18 100.79.192.81 GET /contact/ - 80 - 66.249.64.36 Mozilla/5.0+AppleWebKit/537.36+(KHTML,+like+Gecko;+Google+Web+Preview+Analytics)+Chrome/27.0.1453+Safari/537.36+(compatible;+Googlebot/2.1;++http://www.google.com/bot.html) - 404 0 2 1405 331 376
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 09:49:46
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 09:49:46 100.79.192.81 GET / - 80 - 188.120.253.124 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US)+AppleWebKit/533.4+(KHTML,+like+Gecko)+Chrome/5.0.375.99+Safari/533.4 http://example.com 200 0 0 960 205 468
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 10:16:10
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 10:16:10 100.79.192.81 GET /robots.txt - 80 - 37.59.20.217 Mozilla/5.0+(compatible;+MJ12bot/v1.4.5;+http://www.majestic12.co.uk/bot.php?+) - 404 0 2 1424 170 156
2015-01-13 10:16:15 100.79.192.81 GET / - 80 - 37.59.20.217 Mozilla/5.0+(compatible;+MJ12bot/v1.4.5;+http://www.majestic12.co.uk/bot.php?+) - 200 0 0 979 313 265
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 10:46:33
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 10:46:33 100.79.192.81 GET / - 80 - 188.163.80.167 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.1;+WOW64;+Trident/7.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+Media+Center+PC+6.0;+.NET4.0C;+.NET4.0E) - 200 0 0 960 327 499
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 12:30:24
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 12:30:24 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 261 283
2015-01-13 12:30:30 100.79.192.81 GET / - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 200 0 0 960 264 418
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 13:00:56
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 13:00:56 100.79.192.81 GET / - 80 - 192.99.149.88 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 64 0 212 504
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 16:35:13
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 16:35:13 100.79.192.81 GET / - 80 - 130.211.190.46 NerdyBot - 200 0 0 984 94 503
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 22:29:42
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 22:29:42 100.79.192.81 GET / - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 200 0 0 960 238 807
2015-01-13 22:29:42 100.79.192.81 GET /fckeditor/fckconfig.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 260 376
2015-01-13 22:29:42 100.79.192.81 GET /fckeditor/license.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 259 392
2015-01-13 22:29:43 100.79.192.81 GET /fckeditor/editor/js/fckeditorcode_ie.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 277 399
2015-01-13 22:29:43 100.79.192.81 GET /fckeditor/fckeditor.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 260 392
2015-01-13 22:29:43 100.79.192.81 GET /FCK/editor/js/fckeditorcode_ie.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 271 393
2015-01-13 22:29:44 100.79.192.81 GET /FCK/fckeditor.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 254 392
2015-01-13 22:29:44 100.79.192.81 GET /fckeditor.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 250 377
2015-01-13 22:29:44 100.79.192.81 GET /editor/js/fckeditorcode_ie.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 267 361
2015-01-13 22:29:45 100.79.192.81 GET /fckeditor/editor/js/fckeditorcode_ie.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 277 352
2015-01-13 22:29:45 100.79.192.81 GET /ckeditor/ckeditor.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 258 355
2015-01-13 22:29:45 100.79.192.81 GET / c=4e5e5d7364f443e28fbf0d3ae744a59a 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 200 0 0 960 273 361
2015-01-13 22:29:46 100.79.192.81 GET /wp-cron.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 345
2015-01-13 22:29:46 100.79.192.81 GET /wp-content - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 354
2015-01-13 22:29:46 100.79.192.81 GET /wp-login.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 250 338
2015-01-13 22:29:47 100.79.192.81 GET /license.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 345
2015-01-13 22:29:47 100.79.192.81 GET /readme.html - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 346
2015-01-13 22:29:47 100.79.192.81 GET /robots.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 345
2015-01-13 22:29:48 100.79.192.81 GET /favicon.ico - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 330
2015-01-13 22:29:48 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 335
2015-01-13 22:29:48 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 325
2015-01-13 22:29:48 100.79.192.81 GET /wordpress/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 330
2015-01-13 22:29:50 100.79.192.81 GET /wp/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 241 345
2015-01-13 22:29:50 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 330
2015-01-13 22:29:50 100.79.192.81 GET /archiver - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 345
2015-01-13 22:29:51 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 330
2015-01-13 22:29:51 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 329
2015-01-13 22:29:51 100.79.192.81 GET /discuz/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 346
2015-01-13 22:29:52 100.79.192.81 GET /docs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 330
2015-01-13 22:29:52 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 345
2015-01-13 22:29:52 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 346
2015-01-13 22:29:53 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 345
2015-01-13 22:29:53 100.79.192.81 GET /cart/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 345
2015-01-13 22:29:53 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 346
2015-01-13 22:29:54 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 345
2015-01-13 22:29:54 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 361
2015-01-13 22:29:54 100.79.192.81 GET /shopex/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 344
2015-01-13 22:29:55 100.79.192.81 GET /administrator/manifests/files/joomla.xml - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 278 363
2015-01-13 22:29:55 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 361
2015-01-13 22:29:55 100.79.192.81 GET /joomla/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 361
2015-01-13 22:29:56 100.79.192.81 GET /public/js/ips.board.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 260 361
2015-01-13 22:29:56 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 385
2015-01-13 22:29:56 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 369
2015-01-13 22:29:57 100.79.192.81 GET /ipboard/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 377
2015-01-13 22:29:57 100.79.192.81 GET /board/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 377
2015-01-13 22:29:57 100.79.192.81 GET /data/admin/ver.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 256 393
2015-01-13 22:29:58 100.79.192.81 GET /digg.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 377
2015-01-13 22:29:58 100.79.192.81 GET /plus/sitemap.html - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 255 361
2015-01-13 22:29:58 100.79.192.81 GET /plus/rssmap.html - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 254 377
2015-01-13 22:29:59 100.79.192.81 GET /plus/heightsearch.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 259 377
2015-01-13 22:29:59 100.79.192.81 GET /data - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 377
2015-01-13 22:29:59 100.79.192.81 GET /member/space/company/info.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 267 376
2015-01-13 22:30:00 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 378
2015-01-13 22:30:00 100.79.192.81 GET /dedecms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 393
2015-01-13 22:30:00 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 393
2015-01-13 22:30:02 100.79.192.81 GET /empirecms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 393
2015-01-13 22:30:02 100.79.192.81 GET /CHANGELOG.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 251 377
2015-01-13 22:30:02 100.79.192.81 GET /changelog.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 251 393
2015-01-13 22:30:03 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 377
2015-01-13 22:30:03 100.79.192.81 GET /drupal/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 393
2015-01-13 22:30:03 100.79.192.81 GET /admin - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 378
2015-01-13 22:30:04 100.79.192.81 GET /list.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 376
2015-01-13 22:30:04 100.79.192.81 GET /admin/template/article_more/config.htm - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 276 377
2015-01-13 22:30:04 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 377
2015-01-13 22:30:05 100.79.192.81 GET /docs.css - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 393
2015-01-13 22:30:05 100.79.192.81 GET /phpmyadmin/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 408
2015-01-13 22:30:05 100.79.192.81 GET /rss.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 393
2015-01-13 22:30:06 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 410
2015-01-13 22:30:06 100.79.192.81 GET /inc/rsd.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 391
2015-01-13 22:30:06 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 409
2015-01-13 22:30:08 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 408
2015-01-13 22:30:08 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 408
2015-01-13 22:30:08 100.79.192.81 GET /robots.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 424
2015-01-13 22:30:09 100.79.192.81 GET /tools/rss.aspx - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 0 2127 252 472
2015-01-13 22:30:09 100.79.192.81 GET /help.aspx - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 0 2122 247 408
2015-01-13 22:30:09 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 424
2015-01-13 22:30:10 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 408
2015-01-13 22:30:10 100.79.192.81 GET /discuz/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 422
2015-01-13 22:30:10 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 395
2015-01-13 22:30:11 100.79.192.81 GET /foosun/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 393
2015-01-13 22:30:11 100.79.192.81 GET /index.php m=search 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 256 345
2015-01-13 22:30:11 100.79.192.81 GET /index.php m=wap 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 253 315
2015-01-13 22:30:11 100.79.192.81 GET /index.php m=admin 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 255 314
2015-01-13 22:30:13 100.79.192.81 GET /index.php m=admin&c=index&a=login&pc_hash= 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 280 314
2015-01-13 22:30:13 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 313
2015-01-13 22:30:13 100.79.192.81 GET /phpcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 315
2015-01-13 22:30:13 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314
2015-01-13 22:30:14 100.79.192.81 GET /aspcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 313
2015-01-13 22:30:14 100.79.192.81 GET /admin/inc/xml.xslt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 256 315
2015-01-13 22:30:14 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314
2015-01-13 22:30:14 100.79.192.81 GET /feed.asp - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314
2015-01-13 22:30:15 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 314
2015-01-13 22:30:15 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 315
2015-01-13 22:30:15 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314
2015-01-13 22:30:15 100.79.192.81 GET /zblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 314
2015-01-13 22:30:16 100.79.192.81 GET /mail/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 315
2015-01-13 22:30:16 100.79.192.81 GET /webmail/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314
2015-01-13 22:30:16 100.79.192.81 GET /archive/archive.css - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 257 314
2015-01-13 22:30:16 100.79.192.81 GET /clientscript/vbulletin_ajax_htmlloader.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 279 314
2015-01-13 22:30:18 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 330
2015-01-13 22:30:18 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 361
2015-01-13 22:30:18 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 392
2015-01-13 22:30:19 100.79.192.81 GET /phpbb/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 424
2015-01-13 22:30:19 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 420
2015-01-13 22:30:19 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 398
2015-01-13 22:30:20 100.79.192.81 GET /leadbbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 408
2015-01-13 22:30:20 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 408
2015-01-13 22:30:20 100.79.192.81 GET /cmseasy/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 392
2015-01-13 22:30:21 100.79.192.81 GET /history.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 408
2015-01-13 22:30:21 100.79.192.81 GET /common/common.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 254 378
2015-01-13 22:30:21 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 361
2015-01-13 22:30:22 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 381
2015-01-13 22:30:22 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 357
2015-01-13 22:30:22 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 361
2015-01-13 22:30:23 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 361
2015-01-13 22:30:23 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 362
2015-01-13 22:30:23 100.79.192.81 GET /typecho/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 377
2015-01-13 22:30:25 100.79.192.81 GET /extern.php action=feed&type=atom 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 270 361
2015-01-13 22:30:25 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 377
2015-01-13 22:30:25 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 377
2015-01-13 22:30:26 100.79.192.81 GET /fluxbb/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 377
2015-01-13 22:30:26 100.79.192.81 GET /inc/Templates/rss.xslt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 260 362
2015-01-13 22:30:26 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 392
2015-01-13 22:30:27 100.79.192.81 GET /dvbbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 377
2015-01-13 22:30:27 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 376
2015-01-13 22:30:27 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 394
2015-01-13 22:30:28 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 377
2015-01-13 22:30:28 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 372
2015-01-13 22:30:28 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 399
2015-01-13 22:30:29 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 376
2015-01-13 22:30:29 100.79.192.81 GET /opencart/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 247 393
2015-01-13 22:30:29 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 393
2015-01-13 22:30:30 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 411
2015-01-13 22:30:30 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 401
2015-01-13 22:30:30 100.79.192.81 GET /iwebshop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 247 397
2015-01-13 22:30:31 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 408
2015-01-13 22:30:31 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 407
2015-01-13 22:30:31 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 394
2015-01-13 22:30:33 100.79.192.81 GET /ecshop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 408
2015-01-13 22:30:33 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 393
2015-01-13 22:30:33 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 414
2015-01-13 22:30:34 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 402
2015-01-13 22:30:34 100.79.192.81 GET /shop7z/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 394
2015-01-13 22:30:34 100.79.192.81 GET /skin/frontend/default/modern/css/styles.css - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 281 384
2015-01-13 22:30:35 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 338
2015-01-13 22:30:35 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 315
2015-01-13 22:30:35 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 314
2015-01-13 22:30:35 100.79.192.81 GET /magento/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314
2015-01-13 22:30:36 100.79.192.81 GET /api/api_user.xml - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 254 330
2015-01-13 22:30:36 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314
2015-01-13 22:30:36 100.79.192.81 GET /kesion/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 314
2015-01-13 22:30:36 100.79.192.81 GET /archiver - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314
2015-01-13 22:30:38 100.79.192.81 GET /robots.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 314
2015-01-13 22:30:38 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314
2015-01-13 22:30:38 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 314
2015-01-13 22:30:38 100.79.192.81 GET /bbsmax/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 313
2015-01-13 22:30:39 100.79.192.81 GET /inc/playerKinds.xml - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 257 316
2015-01-13 22:30:39 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314
2015-01-13 22:30:39 100.79.192.81 GET /maxcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 314
2015-01-13 22:30:39 100.79.192.81 GET /install - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 315
2015-01-13 22:30:40 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314
2015-01-13 22:30:40 100.79.192.81 GET /oecms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 314
2015-01-13 22:30:40 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314
2015-01-13 22:30:40 100.79.192.81 GET /lazycms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 313
2015-01-13 22:30:41 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 315
2015-01-13 22:30:41 100.79.192.81 GET /verycms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314
2015-01-13 22:30:41 100.79.192.81 GET /template/home.htm - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 255 315
2015-01-13 22:30:41 100.79.192.81 GET /system/skins/default/system.login.htm - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 275 314
2015-01-13 22:30:43 100.79.192.81 GET /system/language/zh-cn.xml - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 263 314
2015-01-13 22:30:43 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 330
2015-01-13 22:30:43 100.79.192.81 GET /kingcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 345
2015-01-13 22:30:44 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 331
2015-01-13 22:30:44 100.79.192.81 GET /metinfo/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 345
2015-01-13 22:30:44 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 361
2015-01-13 22:30:45 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 340
2015-01-13 22:30:45 100.79.192.81 GET /6kbb/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 335
2015-01-13 22:30:45 100.79.192.81 GET /stylesheet.css - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 252 383
2015-01-13 22:30:46 100.79.192.81 GET /includes/general.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 257 393
2015-01-13 22:30:46 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 424
2015-01-13 22:30:46 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 408
2015-01-13 22:30:47 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 417
2015-01-13 22:30:47 100.79.192.81 GET /oscommerce/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 416
2015-01-13 22:30:47 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 361
2015-01-13 22:30:48 100.79.192.81 GET /jxcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 317
2015-01-13 22:30:48 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 311
2015-01-13 22:30:48 100.79.192.81 GET /zcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 313
2015-01-13 22:30:48 100.79.192.81 GET /robots.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 319
2015-01-13 22:30:49 100.79.192.81 GET /licence.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 310
2015-01-13 22:30:49 100.79.192.81 GET /rss.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 317
2015-01-13 22:30:49 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 315
2015-01-13 22:30:49 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 314
2015-01-13 22:30:51 100.79.192.81 GET /phpwind/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 341
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2015-01-13 23:15:41
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2015-01-13 23:15:41 100.79.192.81 GET /robots.txt - 80 - 188.165.15.50 Mozilla/5.0+(compatible;+AhrefsBot/5.0;++http://ahrefs.com/robot/) - 404 0 2 1405 170 141

27
test/test_cmds.sh
Unescape Escape View File

@ -156,10 +156,10 @@ run_test ${lnav_test} -nvq \
-c ":config /ui/clock-format" \
${test_dir}/logfile_access_log.0
check_error_output "config clock-format" <<EOF
check_error_output "config clock-format 1" <<EOF
EOF
check_output "config clock-format" <<EOF
check_output "config clock-format 1" <<EOF
info: /ui/clock-format = "%a %b %d %H:%M:%S %Z"
EOF
@ -169,10 +169,10 @@ run_test ${lnav_test} -nvq \
-c ":config /ui/clock-format" \
${test_dir}/logfile_access_log.0
check_error_output "config clock-format" <<EOF
check_error_output "config clock-format 2" <<EOF
EOF
check_output "config clock-format" <<EOF
check_output "config clock-format 2" <<EOF
info: /ui/clock-format = "%a %b %d %H:%M:%S %Z"
info: changed config option -- /ui/clock-format
info: /ui/clock-format = "abc"
@ -184,10 +184,10 @@ run_test ${lnav_test} -nvq \
-c ":config /ui/clock-format" \
${test_dir}/logfile_access_log.0
check_error_output "config clock-format" <<EOF
check_error_output "config clock-format 3" <<EOF
EOF
check_output "config clock-format" <<EOF
check_output "config clock-format 3" <<EOF
info: changed config option -- /ui/clock-format
info: reset option -- /ui/clock-format
info: /ui/clock-format = "%a %b %d %H:%M:%S %Z"
@ -579,7 +579,8 @@ check_output "write-json-to is not working" <<EOF
"cs_username": "-",
"cs_version": "HTTP/1.0",
"sc_bytes": 134,
"sc_status": 200
"sc_status": 200,
"cs_host": null
},
{
"log_line": 1,
@ -600,7 +601,8 @@ check_output "write-json-to is not working" <<EOF
"cs_username": "-",
"cs_version": "HTTP/1.0",
"sc_bytes": 46210,
"sc_status": 404
"sc_status": 404,
"cs_host": null
},
{
"log_line": 2,
@ -621,7 +623,8 @@ check_output "write-json-to is not working" <<EOF
"cs_username": "-",
"cs_version": "HTTP/1.0",
"sc_bytes": 78929,
"sc_status": 200
"sc_status": 200,
"cs_host": null
}
]
EOF
@ -633,9 +636,9 @@ run_test ${lnav_test} -n \
${test_dir}/logfile_access_log.0
check_output "write-jsonlines-to is not working" <<EOF
{"log_line":0,"log_part":null,"log_time":"2009-07-20 22:59:26.000","log_idle_msecs":0,"log_level":"info","log_mark":0,"log_comment":null,"log_tags":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/cgi/tramp","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":134,"sc_status":200}
{"log_line":1,"log_part":null,"log_time":"2009-07-20 22:59:29.000","log_idle_msecs":3000,"log_level":"error","log_mark":0,"log_comment":null,"log_tags":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/vSphere/default/vmkboot.gz","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":46210,"sc_status":404}
{"log_line":2,"log_part":null,"log_time":"2009-07-20 22:59:29.000","log_idle_msecs":0,"log_level":"info","log_mark":0,"log_comment":null,"log_tags":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/vSphere/default/vmkernel.gz","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":78929,"sc_status":200}
{"log_line":0,"log_part":null,"log_time":"2009-07-20 22:59:26.000","log_idle_msecs":0,"log_level":"info","log_mark":0,"log_comment":null,"log_tags":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/cgi/tramp","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":134,"sc_status":200,"cs_host":null}
{"log_line":1,"log_part":null,"log_time":"2009-07-20 22:59:29.000","log_idle_msecs":3000,"log_level":"error","log_mark":0,"log_comment":null,"log_tags":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/vSphere/default/vmkboot.gz","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":46210,"sc_status":404,"cs_host":null}
{"log_line":2,"log_part":null,"log_time":"2009-07-20 22:59:29.000","log_idle_msecs":0,"log_level":"info","log_mark":0,"log_comment":null,"log_tags":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/vSphere/default/vmkernel.gz","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":78929,"sc_status":200,"cs_host":null}
EOF
# By setting the LNAVSECURE mode before executing the command, we will disable

3
test/test_json_format.sh
Unescape Escape View File

@ -502,7 +502,8 @@ check_output "json log format is not working" <<EOF
@fields: { "lvl": "TRACE", "msg": "trace test"}
2013-09-06T20:00:49.124 INFO Starting up service
@fields: { "lvl": "INFO", "msg": "Starting up service"}
lnav: unable to parse line at offset 186: parse error: premature EOF
[offset: 186] {"ts": "2013-09-06T22:00:49.124817Z", "@fields": { "lvl": "INFO", "msg": "Shutting down service\nline2\nline3\nline4\nline5\nline6\nline7\nline8\nline9\nline10
parse error: premature EOF
{"ts": "2013-09-06T22:00:49.124
(right here) ------^
2013-09-06T22:00:59.124 DEBUG5 Details...

94
test/test_logfile.sh
Unescape Escape View File

@ -1,5 +1,20 @@
#! /bin/bash
cp ${srcdir}/logfile_syslog.0 truncfile.0
chmod u+w truncfile.0
run_test ${lnav_test} -d /tmp/lnav.err -n \
-c ";update syslog_log set log_mark = 1 where log_line = 1" \
-c ":write-to truncfile.0" \
-c ":goto 1" \
truncfile.0
check_output "truncated log file not detected" <<EOF
Nov 3 09:23:38 veridian automount[16442]: attempting to mount entry /auto/opt
EOF
if locale -a | grep fr_FR; then
cp ${srcdir}/logfile_syslog_fr.0 logfile_syslog_fr_test.0
touch -t 200711030923 logfile_syslog_fr_test.0
@ -120,11 +135,42 @@ run_test ./drive_logfile -f bro_conn_log ${srcdir}/logfile_bro_conn.log.0
on_error_fail_with "Didn't infer bro_conn_log log format?"
run_test ./drive_logfile -f w3c_7685df_log ${srcdir}/logfile_w3c.0
on_error_fail_with "Didn't infer w3c_7685df_log log format?"
run_test ./drive_logfile ${srcdir}/logfile_empty.0
on_error_fail_with "Didn't handle empty log?"
run_test ./drive_logfile -t -f w3c_2957b3_log ${srcdir}/logfile_w3c.2
check_output "w3c timestamp interpreted incorrectly?" <<EOF
Oct 09 16:44:49 2000 -- 000
Oct 09 16:44:49 2000 -- 000
Oct 09 16:48:05 2000 -- 000
Oct 09 16:48:17 2000 -- 000
Oct 09 16:48:24 2000 -- 000
Oct 09 16:48:35 2000 -- 000
Oct 09 16:48:41 2000 -- 000
Oct 09 16:48:41 2000 -- 000
Oct 09 16:48:41 2000 -- 000
Oct 09 16:48:41 2000 -- 000
Oct 09 16:48:44 2000 -- 000
Oct 10 16:44:49 2000 -- 000
Oct 10 16:44:49 2000 -- 000
Oct 10 16:48:05 2000 -- 000
EOF
run_test ./drive_logfile -t -f w3c_5bd538_log ${srcdir}/logfile_w3c.4
check_output "quoted w3c timestamp interpreted incorrectly?" <<EOF
Jun 28 07:26:35 2017 -- 000
Jun 26 18:21:17 2017 -- 000
EOF
cp ${srcdir}/logfile_syslog.0 logfile_syslog_test.0
touch -t 200711030923 logfile_syslog_test.0
run_test ./drive_logfile -t -f syslog_log logfile_syslog_test.0
@ -376,19 +422,6 @@ info 0x0
error 0x0
EOF
cp ${srcdir}/logfile_syslog.0 truncfile.0
chmod u+w truncfile.0
run_test ${lnav_test} -n \
-c ";update syslog_log set log_mark = 1 where log_line = 1" \
-c ":write-to truncfile.0" \
-c ":goto 1" \
truncfile.0
check_output "truncated log file not detected" <<EOF
Nov 3 09:23:38 veridian automount[16442]: attempting to mount entry /auto/opt
EOF
echo "Hi" | run_test ${lnav_test} -d /tmp/lnav.err -nt -w logfile_stdin.log
@ -397,16 +430,6 @@ check_output "piping to stdin is not working?" <<EOF
2013-06-06T19:13:20.123 ---- END-OF-STDIN ----
EOF
run_test ${lnav_test} -C ${srcdir}/logfile_bad_syslog.0
sed -i "" -e "s|/.*/logfile_bad_syslog.0|logfile_bad_syslog.0|g" `test_err_filename`
check_error_output "bad syslog line not found?" <<EOF
error:logfile_bad_syslog.0:2:line did not match format syslog_log/regex/std
error:logfile_bad_syslog.0:2: line -- Nov 3 09:23:38 veridian lookup for opt failed
error:logfile_bad_syslog.0:2:partial match -- Nov 3 09:23:38 veridian lookup for opt failed
EOF
run_test ${lnav_test} -C ${srcdir}/logfile_bad_access_log.0
sed -i "" -e "s|/.*/logfile_bad_access_log.0|logfile_bad_access_log.0|g" `test_err_filename`
@ -417,6 +440,31 @@ error:logfile_bad_access_log.0:1: line -- 192.168.202.254 [20/Jul/2009:2
error:logfile_bad_access_log.0:1:partial match -- 192.168.202.254
EOF
run_test ${lnav_test} -n -I ${test_dir} ${srcdir}/logfile_w3c.2
check_output "metadata lines not ignored?" <<EOF
16:44:49 1.1.1.1 [2]USER anonymous 331
16:44:49 1.1.1.1 [2]PASS - 230
16:48:05 1.1.1.1 [2]QUIT - 226
16:48:17 1.1.1.1 [3]USER anonymous 331
16:48:24 1.1.1.1 [3]PASS user@domain.com 230
16:48:35 1.1.1.1 [3]sent /user/test.c 226
16:48:41 1.1.1.1 [3]created readme.txt 226
16:48:41 1.1.1.1 [3]created fileid.diz 226
16:48:41 1.1.1.1 [3]created names.dll 226
16:48:41 1.1.1.1 [3]created TEST.EXE 226
16:48:44 1.1.1.1 [3]QUIT - 226
16:44:49 1.1.1.1 [2]USER anonymous 331
16:44:49 1.1.1.1 [2]PASS - 230
16:48:05 1.1.1.1 [2]QUIT - 226
EOF
run_test ${lnav_test} -n -I ${test_dir} ${srcdir}/logfile_w3c.6
check_output "unicode in w3c not working?" <<EOF
2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 ÄÖÜäöüßßMözillä/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 283
EOF
run_test ${lnav_test} -n -I ${test_dir} ${srcdir}/logfile_epoch.0
check_output "rewriting machine-oriented timestamp didn't work?" <<EOF

27
test/test_sql.sh
Unescape Escape View File

@ -2,6 +2,17 @@
lnav_test="${top_builddir}/src/lnav-test"
run_test ${lnav_test} -n \
-c ";SELECT sc_substatus FROM w3c_e28cf8_log" \
${test_dir}/logfile_w3c.3
check_output "w3c quoted strings are not handled correctly?" <<EOF
sc_substatus
0
0
"garbage" w/ spaces
EOF
run_test ${lnav_test} -n \
-c ";UPDATE lnav_file SET visible=0" \
${test_dir}/logfile_access_log.0
@ -382,10 +393,10 @@ run_test ${lnav_test} -n \
${test_dir}/logfile_access_log.0
check_output "access_log table is not working" <<EOF
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status
0,<NULL>,2009-07-20 22:59:26.000,0,info,0,<NULL>,<NULL>,<NULL>,192.168.202.254,GET,-,<NULL>,/vmw/cgi/tramp,gPXE/0.9.7,-,HTTP/1.0,134,200
1,<NULL>,2009-07-20 22:59:29.000,3000,error,0,<NULL>,<NULL>,<NULL>,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404
2,<NULL>,2009-07-20 22:59:29.000,0,info,0,<NULL>,<NULL>,<NULL>,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkernel.gz,gPXE/0.9.7,-,HTTP/1.0,78929,200
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host
0,<NULL>,2009-07-20 22:59:26.000,0,info,0,<NULL>,<NULL>,<NULL>,192.168.202.254,GET,-,<NULL>,/vmw/cgi/tramp,gPXE/0.9.7,-,HTTP/1.0,134,200,<NULL>
1,<NULL>,2009-07-20 22:59:29.000,3000,error,0,<NULL>,<NULL>,<NULL>,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404,<NULL>
2,<NULL>,2009-07-20 22:59:29.000,0,info,0,<NULL>,<NULL>,<NULL>,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkernel.gz,gPXE/0.9.7,-,HTTP/1.0,78929,200,<NULL>
EOF
@ -395,8 +406,8 @@ run_test ${lnav_test} -n \
${test_dir}/logfile_access_log.0
check_output "loglevel collator is not working" <<EOF
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status
1,<NULL>,2009-07-20 22:59:29.000,3000,error,0,<NULL>,<NULL>,<NULL>,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host
1,<NULL>,2009-07-20 22:59:29.000,3000,error,0,<NULL>,<NULL>,<NULL>,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404,<NULL>
EOF
run_test ${lnav_test} -n \
@ -1033,8 +1044,8 @@ run_test ${lnav_test} -n \
${test_dir}/logfile_syslog_with_access_log.0
check_output "access_log not found within syslog file" <<EOF
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status
1,<NULL>,2015-03-24 14:02:50.000,6927348000,info,0,<NULL>,<NULL>,<NULL>,127.0.0.1,GET,<NULL>,<NULL>,/includes/js/combined-javascript.js,<NULL>,-,HTTP/1.1,65508,200
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host
1,<NULL>,2015-03-24 14:02:50.000,6927348000,info,0,<NULL>,<NULL>,<NULL>,127.0.0.1,GET,<NULL>,<NULL>,/includes/js/combined-javascript.js,<NULL>,-,HTTP/1.1,65508,200,<NULL>
EOF

Write Preview
Loading…
Cancel
Save