Track Traffic With Webalizer
The April 2005 issue of Linux Magazine has my Feature “Track Traffic With Webalizer – A Fast, Free and Feature-rich Log Analyzer”, and it provides a decent overview of how to configure Webalizer.
I have been using it for years on my own webserver, and after setting it up enough times on different systems, I asked my editor if he thought it would make a good article; he thought it would.
What I have also worked on, but haven’t packaged up yet, is a much faster inverse DNS resolver for Webalizer. When processing webserver logs, many of us like to see the DNS names where traffic is coming from, but doing bulk lookups can be slow.
Webazolver spawns some user-given number of child processes to perform lookups one at a time, caching the results in a DB file for later use by webazolver. But this approach still limits the number of outstanding queries, and a few dead resolvers can really hang the process up.
I wrote a program that uses the excellent ADNS asynchronous resolver library, and in a single thread/process it’s many, many times faster than the synchronous version.
I’ve really got to package and post it…
Steve Friedl is a software and network security consultant in Southern California. He runs Unixwiz.net which features a collection of tools, tech tips, and other information in the scope of his consulting practice.