DESCRIPTIONms_isa2dlf converts Microsoft Internet Security and Acceleration Server log files in the W3C Extended Log Format to the proxy DLF. The ISA log files are documented on the section on ``Firewall and Web Proxy log fields'' in the document ``Microsoft Internet Security and Acceleration Server Enterprise Edition'' at http://technet.microsoft.com/en-us/library/cc723430.aspx.
DEBUGGINGAs any Lire 2dlf program, this program needs adjusted LR_DBDIR, LR_DBFILE, LR_ID and PATH variables. These are set in .../etc/lire/defaults and .../etc/lire/profile_lean. After manually source-ing these files, one can run this program as a standalone application, by invoking it as e.g.
zcat ms_isa.log.gz | LR_ID=`date +%Y%m%d.%H%M%S` ./ms_isa2dlf > /tmp/dlf
EXAMPLESTo process a log as produced by the Microsoft ISA Server:
$ ms_isa2dlf < ms_isa.log
ms_isa2dlf will be rarely used on its own, but is more likely called by lr_log2report:
$ lr_log2report ms_isa < /var/log/ms_isa.log
THANKSChainsaw on OPN irc, for supplying log files.
VERSION$Id: ms_isa2dlf.in,v 1.16 2008/11/19 12:16:05 vanbaal Exp $
COPYRIGHTCopyright (C) 2001 Stichting LogReport Foundation [email protected]
This program is part of Lire.
Lire is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with http://www.gnu.org/copyleft/gpl.html.
AUTHORJoost van Baal <joos[email protected]>, heavily inspired by Francis J. Lacoste's w3c_extended2dlf(1)