hanwentan 2011-05-15
相关软件及下载地址:
1、 cronolog-1.6.2.tar.gz
2、 awstats-6.95.tar.gz
3、 GeoIP-1.4.6.tar.gz
4、 Geo-IP-1.38.tar.gz
5、 Net-XWhois-0.90.tar.gz
6、 QQWry.Dat
7、 IP解析插件
软件说明:
Cronolog -apache日志分割
Awstats –apace日志分析主程序
GeoIP –IP地址分析,来至某个国家并显示国旗
Xwhois及后面 –IP反向解析
详细安装过程:
一、安装cronolog日志分割软件:
[root@saas soft]# tar zxvf cronolog-1.6.2.tar.gz
[root@saas cronolog-1.6.2]# ./configure &&make &&make install
[root@saas cronolog-1.6.2]# which cronolog
/usr/local/sbin/cronolog
修改httpd.conf文件
<VirtualHost *> ServerName www.test.cn DocumentRoot “/opt/lampp/htdocs/newtest” CustomLog “|/usr/local/sbin/cronolog /opt/lampp/logs/test_%Y%m%d.log” combined ErrorLog “|/usr/local/sbin/cronolog /opt/lampp/logs/test_error_%Y%m%d.log” </VirtualHost> |
重启apache后在/opt/lampp/logs/目录下可以看到以下格式日志:
-rw-r–r– 1 root root 12021 6月 25 15:01 test_20100625.log -rw-r–r– 1 root root 718 6月 25 15:00 test_error_20100625.log |
日志分割比较简单。。至此就安装完成了。。。以后每天都会在该目录下生成当日的日志文件。
二、安装awstats主程序
[root@saas local]# tar zxvf awstats-6.95.tar.gz -C /usr/local/
[root@saas local]# mv awstats-6.95/ awstats
[root@saas local]# mkdir /etc/awstats
[root@saas local]# mkdir /var/lib/awstats
[root@saas local]# chown -R apache /var/lib/awstats/
[root@saas local]# chown -R apache /usr/local/awstats/
[root@saas local]# /usr/local/awstats/tools/awstats_configure.pl
Enter full config file path of your Web server. Example: /etc/httpd/httpd.conf Example: /usr/local/apache2/conf/httpd.conf Example: c:\Program files\apache group\apache\conf\httpd.conf Config file path (‘none’ to skip web server setup): Ø /opt/lampp/etc/httpd.conf #http.conf文件路径 —–> Need to create a new config file ? Do you want me to build a new AWStats config/profile file (required if first install) [y/N] ? y —–> Define config file name to create What is the name of your web site or profile analysis ? Example: www.mysite.com Example: demo Your web site, virtual server or profile name: Ø www.test.cn #生成配置文件的名字 —–> Define config file path In which directory do you plan to store your config file(s) ? Default: /etc/awstats Directory path to store config file(s) (Enter for default): >配置文件放置地址 默认即可 —–> Add update process inside a scheduler Sorry, configure.pl does not support automatic add to cron yet. You can do it manually by adding the following command to your cron: /usr/local/awstats/wwwroot/cgi-bin/awstats.pl -update -config=www.test.cn Or if you have several config files and prefer having only one command: /usr/local/awstats/tools/awstats_updateall.pl now Press ENTER to continue… 回车继续 A SIMPLE config file has been created: /etc/awstats/awstats.www.test.cn.conf You should have a look inside to check and change manually main parameters. You can then manually update your statistics for ‘www.test.cn’ with command: > perl awstats.pl -update -config=www.test.cn You can also read your statistics for ‘www.test.cn’ with URL: > http://localhost/awstats/awstats.pl?config=www.test.cn Press ENTER to finish… 回车结束 |
Configure.pl配置文件,会将:
CustomLog ……………………..common 改为 CustomLog ……………………..combined #实际上面我们已经更改过来,日志切割的时候 会在apache中增加如下内容: Alias /awstatsclasses “/usr/local/awstats/wwwroot/classes/” Alias/awstatscss“/usr/local/awstats/wwwroot/css/” Alias/awstatsicons“/usr/local/awstats/wwwroot/icon/” ScriptAlias/awstats/“/usr/local/awstats/wwwroot/cgi-bin/” <Directory“/usr/local/awstats/wwwroot”> OptionsNone AllowOverrideNone Orderallow,deny Allowfromall </Directory> |
当然你也有可能会发现httpd.conf文件会变成这个样子:(每句后面会多出^M)
# Do NOT simply read the instructions in here without understanding^M # what they do. They’re here only as hints or reminders. If you are unsure^M # consult the online docs. You have been warned. ^M #^M # Configuration and logfile names: If the filenames you specify for many^M # of the server’s control files begin with “/” (or “drive:/” for Win32), the^M # server will use that explicit path. If the filenames do *not* begin^M # with “/”, the value of ServerRoot is prepended — so “logs/foo.log”^M # with ServerRoot set to “/opt/lampp” will be interpreted by the^M # server as “/opt/lampp/logs/foo.log”.^M ^M #^M |
使用dos2unix命令转换下格式:
[root@saas tools]# file /opt/lampp/etc/httpd.conf /opt/lampp/etc/httpd.conf: ASCII English text, with CRLF, LF line terminators [root@saas tools]# dos2unix /opt/lampp/etc/httpd.conf dos2unix: converting file /opt/lampp/etc/httpd.conf to UNIX format … [root@saas tools]# file /opt/lampp/etc/httpd.conf /opt/lampp/etc/httpd.conf: ASCII English text |
生成的配置文件,配置文件中大概要修改的如下:/etc/awstats/awstats
LogFile=”apache日志文件 DirData=”/var/lib/awstats” DirCgi=”/awstats” AllowToUpdateStatsFromBrowser=1 |
注:由于前面我们使用过了日志分割,固每日的日志都会跟上日期。所以在LogFile处可以写定一个日志文件名称如:”/opt/lamp/logs/Test_acc.log” 。每日凌晨的时候利用脚本将其前日的日志复制覆盖掉此文件再做分析。
现为了测试,先将今日的日志先复制一份命名为”Test_acc.log”
更新数据并测试awstats是否网页访问OK
[root@saas ~]# usr/local/awstats/tools/awstats_updateall.pl now Running ‘”/usr/local/awstats/wwwroot/cgi-bin/awstats.pl” -update -config=www.test.cn -configdir=”/etc/awstats”‘ to update config www.test.cn Create/Update database for config “/etc/awstats/awstats.www.test.cn.conf” by AWStats version 6.95 (build 1.943) From data in log file “/opt/lampp/logs/test_acc.log”… Phase 1 : First bypass old records, searching new record… Direct access after last parsed record (after line 880) Jumped lines in file: 880 Found 880 already parsed records. Parsed lines in file: 0 Found 0 dropped records, Found 0 corrupted records, Found 0 old records, Found 0 new qualified records. |
使用浏览器,察看日志统计情况:http://域名/awstats/awstats.pl?config=配置文件名。。
实例如下:
http://www.test.cn/awstats/awstats.pl?config=www.test.cn
如提示:Forbidden You don’t have permission to access /awstats/awstats.pl on this server.错误。
1、 请确认/usr/local/awstats目录权限
[root@saas ~]# chmod -R 755 /usr/local/awstats |
2、 检测httpd.conf文件是否应用支持CGI。。改httpd.conf为如下:
[root@OAServer ~]# tail /opt/lampp/etc/httpd.conf # This is to permit URL access to scripts/files in AWStats directory. # <Directory “/usr/local/awstats/wwwroot”> Options FollowSymLinks +ExecCGI AddHandler cgi-script .pl AllowOverride None Order allow,deny Allow from all </Directory> |
三、插件安装:
1、 GeoIP-1.4.6.tar.gz安装
[root@saas soft]# tar zxvf GeoIP-1.4.6.tar.gz [root@saas GeoIP-1.4.6]#./configure &&make &&make install |
2、 Geo-IP-1.38.tar.gz安装
[root@saas soft]# tar zxvf Geo-IP-1.38.tar.gz [root@saas Geo-IP-1.38]# perl Makefile.PL &&make &&make install [root@saas Geo-IP-1.38]# /usr/local/bin/geoipupdate -v |
安装好Geoip插件后,在配置文件中启用插件:
[root@saas soft]# grep “geoip ” /etc/awstats/awstats.www.test.cn.conf # geoip or geoipfree plugin instead of enabled reverse DNS lookup. LoadPlugin=”geoip GEOIP_STANDARD /usr/local/share/GeoIP/GeoIP.dat” #取消掉本行注释 |
在web页面就能看到如下红色标注部分及国旗了。。
| ||||||||||||||||||||||||||||||
国家或地区 | 网页数 | 文件数 | 字节 | |||||||||||||||||||||||||||
China | cn | 4444 | 39202 | 1.83 G字节 | ||||||||||||||||||||||||||
Australia | au | 311 | 2174 | 109.83 M字节 | ||||||||||||||||||||||||||
3、Net-XWhois-0.90.tar.gz 安装(反向地址解析)
[root@saas soft]# tar zxvf Net-XWhois-0.90.tar.gz [root@saas Net-XWhois-0.90]# perl Makefile.PL &&make &&make install |
改qqwry.pl文件中
my $ipfile=”./QQWry.Dat”; 为 my $ipfile=”${DIR}/plugins/QQWry.Dat”; |
复制 QQWry.Dat, qqhostinfo.pm, qqwry.pl 等3个文件到 awstats/wwwroot/cgibin/plugins 下面。并授权755
[root@saas soft]# cp qqhostinfo.pm QQWry.Dat qqwry.pl \ >/usr/local/awstats/wwwroot/cgi-bin/plugins/ [root@saas soft]#chmod 755 /usr/local/awstats/wwwroot/cgi-bin/plugins/* |
修改配置文件中LoadPlugin如下:
LoadPlugin=”qqhostinfo” 顺带启用以下插件: LoadPlugin=”tooltips” LoadPlugin=”decodeutfkeys” #解决搜索关键字乱码问题 |
一切OK后。重新刷新下WEB查看页面。可以看到如下:
主机 : 0 个解译成功, 763 无法得知(不能反解网域名称)639 参观者 | GeoIPCountry | Location | 网页数 | 文件数 | 字节 | 最近参观日期 |
121.56.215.145 | China | 内蒙古兴安盟 电信 | 205 | 1070 | 12.29 M字节 | 2010年06月27日 13:41 |
123.179.199.146 | China | 内蒙古赤峰市 电信 | 108 | 636 | 51.03 M字节 | 2010年06月27日 03:45 |
110.84.174.240 | Australia | 福建省福州市 电信 | 105 | 478 | 19.08 M字节 | 2010年06月27日 05:48 |
在页面的最下面可以看到已经启用的插件:
Advanced Web Statistics 6.95 (build 1.943) - 创建者 awstats (插件: qqhostinfo, geoip, decodeutfkeys, tooltips) |
四、编写简单脚本。并设置定时执行
[root@saas soft]#cat /opt/lampp/logs/awstats.sh #!/bin/bash logdir=/opt/lampp/logs date=`date +%Y%m%d -d “-1 days”` rmdate=`date +%Y%m%d -d “-7 days”` \cp $logdir/ksense.com.cn_$date.log $logdir/Test_acc.log rm -rf $logdir/*_$rmdate.log /usr/local/awstats/tools/awstats_updateall.pl now [root@saas soft]]# crontab -l 01 01 * * * /opt/lampp/logs/awstatus.sh #每晚一点处理前一天的日志文件 |
五、关于安全。网上很多都提倡使用密码认证的方式。。我做得比较简单
<Directory “/usr/local/awstats/wwwroot”> Options FollowSymLinks +ExecCGI AddHandler cgi-script .pl AllowOverride None Order allow,deny Allow from 192.168.0.12 #只允许本IP访问此页面 </Directory> |