Tadek’s Blog

One of my pet (a.k.a. [procrastination](http://www.thefreedictionary.com/procrastination)) projects has been to visualize my server logs using [Google Maps](http://maps.google.com). In fact, this has been my ‘procrastination hub’ giving me excuses to work on a variety of pet projects, including:

* playing with [Bro](http://bro-ids.org) and packaging Bro for Debian
* playing with Apache logs and importing them to the relational database
* playing with Bro logs and importing them to the relational database
* learning Python and Javascript
* playing with Google Maps
* writing a web application to visualize the collected logs on Google maps
* creating a webpage documenting all the above.

As with procrastination projects, they are by definition never complete. I do have something working now, and you can see it in action (works best in a [decent browser](http://www.mozilla.com/en-US/firefox/), but should show something in IE as well).

### GeoWebStats
Visualizing Apache logs on a webpage. Here are three links (it might take a while to load them for the first time, so please be patient):

* [Blog Visitors - last 7 days](http://plum.ibao.net/webstats/?vhost=tadek.pietraszek.org&regexpmatch=%2Fblog&regexpnomatch=%2Fblog%2Fwp-%7C%2Fblog%2Ffeed&cutoff=10&start=-7&cc_locked=vhost%2Cregexpmatch%2Cregexpnomatch%2Cstart%2Cend%2Cstriplevel&cc_hash=6049f98622a55ac5cb3b87dd535820d0&submit=1)
* [Gallery Visitors - last 7 days](http://plum.ibao.net/webstats/?vhost=gallery.ibao.net&regexpnomatch=%5E%2Fd%2F%5B0-9%5D%2B%7C%5E%2Fc%2F%7C%5E%2Findex.php%7C%2Ffavicon.ico&cutoff=5&start=-7&cc_locked=vhost%2Cregexpmatch%2Cregexpnomatch%2Cstart%2Cend%2Ccutoff%2Cstriplevel&cc_hash=e5366f30cae72af7a33f166394e96bc6&submit=1)
* [Homepage Visitors - last 7 days](http://plum.ibao.net/webstats/?vhost=tadek.pietraszek.org&regexpnomatch=%2Fblog%7C%2Ffavicon.ico%7C%5E%2Fimages&striplevel=2&start=-7&cc_locked=vhost%2Cregexpmatch%2Cregexpnomatch%2Cstart%2Cend%2Ccutoff%2Cstriplevel&cc_hash=992cd263f64643edf909c6eea6a9624e&submit=1)

The script is quite customizable (for example you can specify the regular expressions you want to filter on, group stuff) but for security resons those demo links are locked.

### GeoBroStats
Simiarly to GeoWebStats, GeoBroStats visualizes raw TCP/UDP conections based on Bro conection summaries (this might also take a while to load):

* [Today's SMTP connections that transfered 10kB+ (mostly spammers) ](http://plum.ibao.net/brostats/?service=smtp&cutoff=10&start=0&cc_locked=service%2Cport%2Cstate%2Ccutoff%2Cstart%2Cend&cc_hash=3f41b93fc42c40fe3d60920af7e207f5&submit=1)

The script is also quite customizable, but for security resons those demo links are locked.

Let me know what you think about it. I know that the user interface is very crude and needs some work. I have also almost finished GeoWebStat’s website, but knowing me, it will take a while

This entry was posted on Tuesday, January 2nd, 2007 at 4:35 pm and is filed under Linux, Personal, Progs/Tools/Libs. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.