The Access.log revisited
By Acshorten-Oracle on Jul 09, 2010
One of the most useful logs that is available from the Web Application Servers used by the Oracle Utilities Application Framework based products is access.log. It is also known as the Apache log or the HTTP Access Log.
Everytime a web resource is accessed on a server this log records it along with other information including:
- Userid - The primary credential used for the access to the resource
- IP Address - The IP Address of the client machine used for access to the resource
- URL of the resource that was access
- Time and Date of the access
- Return code of the call (uses standard HTTP status codes)
- Transfer Volume - This is a measure of the bytes transferred for this call
By extracting this information from the log (directly or a log analyzer) you can perform post transactional analaysis to ascertain what is happening for the work day and how the system generally handled it.
I have chatted to a few customers over the years that use this log and they find it is handy for tracking the activity and they use it for analysis such as:
- Tracking users vs IP Addresses - You can check whether users are sharing userids by checking for User/IP address mismatches.
- Tracking volume of traffic - Using the date and time and number of calls you can ascertain peak and non-peak periods.
- Bandwidth - You can get an idea of the bandwidth used for your site by the minute or for the day. A few customers used this to track the compression features of the framework (especially the cache hits/total hits) to assess whether they need to change the browser caching values.
- Analysis of web Errors - When a resource errors out it is recorded. For example, failed authentication requests are recorded. One customer found a malfunctioning software robot using this technique.
You can find out this information by either parsing the file or using a third party tool to process the data.