1.http://www.the-art-of-web.com/system/xferlog/#.UcsA9Pl8k9s
2.http://www.linuxweblog.com/blogs/wizap/20080129/analyzing-proftpd-xferlog-file
The xferlog Format
The default format of the xferlog for ProFTP contains the following information on each line:
- current-time
- Thu June 27 01:24:47 2013
- transfer-time
- whole seconds
- remote-host
- file-size
- size of transferred file in bytes
- file-name
- transfer-type
- a = ascii; b = binary
- special-action-flag
- C = compressed; U = uncompressed; T = tar'ed; _ = no action was taken
- direction
- o = outgoing; i = incoming; d = deleted
- access-mode
- a = anonymous; r = real
- username
- service-name
- usually ftp
- authentication-method
- 0 = none; 1 = RFC931 Authentication
- authenticated-user-id
- user id or '*'
- completion-status
- c = complete; i = incomplete
The three characters following the file name represent the transfer-type (ascii or binary), any special actions (usually _ meaning none) and the direction (outgoing, incoming or deleted).
- ascii format:
- a _ i (uploaded)
- a _ o (downloaded)
- a _ d (deleted)
- binary format:
- b _ i (uploaded)
- b _ o (downloaded)
- b _ d (deleted)
Now, to extract a list of all successfully uploaded files
(查已上傳成功的檔案):
awk '($12 ~ /^i$/ && $NF ~ /^c$/){print $9}' xferlog
(查已被下載的檔案):
awk '($12 ~ /^o$/ && $NF ~ /^c$/){print $9}' xferlog
(查已刪除的檔案):
awk '($12 ~ /^d$/ && $NF ~ /^c$/){print $9}' xferlog
and uploads that were unsuccessful(查上傳未完成的檔案):
awk '($12 ~ /^i$/ && $NF ~ /^i$/){print $9}' xferlog
沒有留言:
張貼留言