摘录:W3C Extended Log File Format (IIS 6.0)
2008-03-29 22:37
330 查看
The W3C Extended log file format is the default log file format for IIS. It is a customizable ASCII text-based format. You can use IIS Manager to select which fields to include in the log file, which allows you to keep log files as small as possible. Because HTTP.sys handles the W3C Extended log file format, this format records HTTP.sys kernel-mode cache hits.
Table 10.1 lists and describes the available fields. Default fields are noted.
For information about status codes, see IIS Status Codes.
Note
FTP log files do not record the following fields:
You can select as many of the W3C Extended log file fields as you want. However, not all fields will contain information. For fields that are selected but for which there is no information, a hyphen (-) appears as a placeholder. If a field contains a nonprintable character, HTTP.sys replaces it with a plus sign (+) to preserve the log file format. This typically occurs with virus attacks, when, for example, a malicious user sends carriage returns and line feeds that, if not replaced with the plus sign (+), would break the log file format.
Fields are separated by spaces. Field prefixes have the following meanings:
Note
For the time-taken field, the client-request timestamp is initialized when HTTP.sys receives the first byte, but before HTTP.sys begins parsing the request. The client-request timestamp is stopped when the last IIS send completion occurs. Time taken does not reflect time across the network. The first request to the site shows a slightly longer time taken than other similar requests because HTTP.sys opens the log file with the first request.
For more information about the W3C Extended log file format, see W3C Extended Log File Format.
原文地址:http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/676400bc-8969-4aa7-851a-9319490a9bbb.mspx?mfr=true
Table 10.1 lists and describes the available fields. Default fields are noted.
Table 10.1 W3C Extended Log File Fields | |||
Field | Appears As | Description | Default Y/N |
Date | date | The date on which the activity occurred. | Y |
Time | time | The time, in coordinated universal time (UTC), at which the activity occurred. | Y |
Client IP Address | c-ip | The IP address of the client that made the request. | Y |
User Name | cs-username | The name of the authenticated user who accessed your server. Anonymous users are indicated by a hyphen. | Y |
Service Name and Instance Number | s-sitename | The Internet service name and instance number that was running on the client. | N |
Server Name | s-computername | The name of the server on which the log file entry was generated. | N |
Server IP Address | s-ip | The IP address of the server on which the log file entry was generated. | Y |
Server Port | s-port | The server port number that is configured for the service. | Y |
Method | cs-method | The requested action, for example, a GET method. | Y |
URI Stem | cs-uri-stem | The target of the action, for example, Default.htm. | Y |
URI Query | cs-uri-query | The query, if any, that the client was trying to perform. A Universal Resource Identifier (URI) query is necessary only for dynamic pages. | Y |
HTTP Status | sc-status | The HTTP status code. | Y |
Win32 Status | sc-win32-status | The Windows status code. | N |
Bytes Sent | sc-bytes | The number of bytes that the server sent. | N |
Bytes Received | cs-bytes | The number of bytes that the server received. | N |
Time Taken | time-taken | The length of time that the action took, in milliseconds. | N |
Protocol Version | cs-version | The protocol version —HTTP or FTP —that the client used. | N |
Host | cs-host | The host header name, if any. | N |
User Agent | cs(User-Agent) | The browser type that the client used. | Y |
Cookie | cs(Cookie) | The content of the cookie sent or received, if any. | N |
Referrer | cs(Referrer) | The site that the user last visited. This site provided a link to the current site. | N |
Protocol Substatus | sc-substatus | The substatus error code. | Y |
Note
FTP log files do not record the following fields:
• | cs-uri-query |
• | cs-host |
• | cs(User-Agent) |
• | cs(Cookie) |
• | cs(Referrer) |
• | sc-substatus |
Fields are separated by spaces. Field prefixes have the following meanings:
• | s- Server actions |
• | c- Client actions |
• | cs- Client-to-server actions |
• | sc- Server-to-client actions |
For the time-taken field, the client-request timestamp is initialized when HTTP.sys receives the first byte, but before HTTP.sys begins parsing the request. The client-request timestamp is stopped when the last IIS send completion occurs. Time taken does not reflect time across the network. The first request to the site shows a slightly longer time taken than other similar requests because HTTP.sys opens the log file with the first request.
For more information about the W3C Extended log file format, see W3C Extended Log File Format.
原文地址:http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/676400bc-8969-4aa7-851a-9319490a9bbb.mspx?mfr=true
相关文章推荐
- IIS 错误 Server Application Error 详细解决方法
- IIS运行错误 Server Application Error 错误代码 Error: 8004的解决方法
- IIS 6 的 PHP 最佳配置方法
- iis Web站点崩溃的原因分析
- IIS 最容易发生的故障的解决方法集合
- IIS_AD 1.0+生成器IIS插件方便提供空间加广告无限制版
- IIS和tomcat5多站点配置流程
- IIS 防盗链 软件
- iis 301转向和网址规范化总结分析
- win2003 iis6 iis假死
- win2000 IIS支持shtml shtm的设置方法[原创]
- World Wide Web Publishing 服务尝试删除 IIS 所有的 SSL 配置数据失败的几种方法
- Windows 2003 IIS 6.0 搭建可建虚拟机的asp+.net+php+jsp+mysql+mssql
- 远程分析win2003 IIS安全设置第1/2页
- 电子书籍阅读软件 eREAD 6.0 中文简体版 下载
- 比较详细的win2003 IIS6.0 301重定向带参数的问题解决方法
- IIS下搭建PHP5运行环境
- 保护(IIS)Web服务器
- 排除IIS特殊管理困惑
- 网络安全系列之四十九 IIS6.0权限设置