Web log analysis software

When Logdateianalyse the log file of a computer system for a certain period is examined according to certain criteria. In current computer systems, the various systems can be logged. For example, are found in each Web server in any database and any firewall log files. Depending on the nature, content and scope of the recording of the log file can be drawn from different circuits.

  • 4.1 Free programs (open source)
  • 4.2 Free software ( freeware )
  • 4.3 Commercial Program
  • 4.4 Product Directories

Analysis of web server log files

The interpreted statistics make it possible to optimize the structure and the structure of the website. They are the basis for usability analysis or provide statements about the success of a marketing campaign. With an analysis of the log files you can begin to operate Webcontrolling.

Some possible questions

  • What is the IP address and host name of the user?
  • He has used Which browser?
  • On which side was the link with which the user has accessed the page?
  • What search engine and what search words he used?
  • How long he remained on the website?
  • How many pages he calls it?
  • On which side he has left the site?
  • What he has installed add-on modules?
  • What operating system he uses?
  • What websites have staff Doe visited during working hours? (in this case must be included in the rule of the council)
  • Where does the user?

These questions can be answered primarily by evaluating the so-called communication edge data.

Problems in the analysis

The main problem of Logdateianalyse in web server log files is the fact that HTTP is a stateless protocol. That is, each request from a client for a web page ( or each occurring therein graphics, etc.) for the web server an independent action. Click the user through a web site, the web server has no knowledge that the user has just been browsing a page.

To allow nevertheless a stateful HTTP, is occasionally awarded for dynamically generated web pages in the first call of the user, a so-called session ID, which is then always mitsendet the client with the following requests. This can be done via a cookie or to any additional URI appended parameters, a cookie but in the log file is not visible and a separate programming for the Logdateianalyse needed. If a cookie can be set (this is dependent on the client ), and a later identification is possible if the cookie has not been modified or deleted in the meantime. Otherwise, merely statistical statements about the ( probable) Readmission of a page can be made. This is e.g. by combinations of the same IP address, screen resolution, matching plug-ins, etc. almost possible to precisely this method is not. However, there are studies on techniques, how to recognize individual computers based on their individual inaccuracy of system clock.

Another existing in the HTTP way to identify a user who is to use the IP address. However, it can be the same for many different users when they are using a proxy server, Network Address Translation, or the like. They are therefore only to be used with great caution because an IP address can not be equated with a user.

Often, however, the operator of a website has no access to the web server log file, so it is often attempted to provide means of tracking pixels but a statistical analysis. For this purpose, small, invisible ( 1 × 1 pixel transparent) images must be included in the website that are stored on a Web server whose log file can be evaluated.

Extended information, such as the screen resolution, or a list of installed web browser plug -ins are also happy desired, however, are not in a log file. This information is then usually determined by means of a client-side scripting language and also logged separately by counting pixels.

Correlation of log files

In addition to the evaluation of individual files exist quasi considered the pinnacle of the correlation of different log files, especially for error analysis. It is important that the systems involved in providing all log entries with a time stamp and go beyond the clocks of these systems almost synchronously. Here the use of a network time protocol such as NTP is advisable.

Example of a correlation of log files and entries would be the combination of firewall and routers log - log files as well as accounting data on a cracker of a compromised system.

Admissibility of the analysis in Germany

After the supervisory authorities consider that personal data of a user without consent should only be collected and used, to the extent necessary to allow the use of tele- media and bill. The analysis of user behavior using full IP address (including a geolocation ) is admissible due to the Personenbeziehbarkeit this data only with conscious, clear consent.

Programs Logdateianalyse

There are a variety of programs that help to analyze log files. The following bulleted list some of them:

Free programs (open source)

  • Analogous
  • AWStats
  • Kibana
  • LIRE
  • Mgaccesslog
  • Modlogan
  • PageLogger
  • Piwik
  • RRDtool
  • Visitors
  • W3Perl
  • Webalizer
  • Webalizer Xtended
  • WUM
  • WUMprep

Free software ( freeware )

  • HTTP LogStat
  • Funnel Web Analyzer
  • PrimaWebtools
  • Web Entry Miner WEM
  • Xlogan

Commercial Program

  • Aconon web analytics
  • Apago
  • Counter Labs
  • EXAConsult MBIS
  • Intares - MQS Web Mining
  • LFApro
  • LogDrill
  • Mescalero
  • NetMind
  • NetTracker
  • SAS Web Analytics
  • ShopStat
  • Sawmill
  • SmarterStats
  • W3 Statistics ( free version available )
  • Urchin software
  • WiredMinds
  • WebReflow ( free version available )
  • WebSpy
  • WebTrends
  • Xlogan Pro

Product directories

  • German language on web- analytics.org
  • In English by Terry Lund
Hostname Works council Client (computing) Analog (program)
527421
de