Limiting Access_log Size
I want to use Analog to analyze the volume of traffic on a remote Apache Server. The problem is that the log file (access_log.07-25-03 in this case) is too big & takes too long to download (& it's the smallest log file in there at 16.9MB - other log files (access_log & access_log.1 through 4) are upto 1.99GB - must be cumulative monthly files).
On the Win2K Servers, I run Analog on files that are created every half hour like ex03072422.log- the retrievals are fast, & I can spot & block abusers fairly quickly. I need the same efficiency on the remote Linux box. I was thinking I could setup an hourly CRON job to use logrotate to write hourly files. Currently it looks like the shortest interval is daily.
The other question is... once I am able to analyze abusers on the Linux box, how do I block them? On the Win2K servers we block specific user IP's, etc. with BlackIce. Not sure if the Linux box would require additional software or if there's something built in.
In any case, our developer who setup that box is too busy, & as you can tell I'm pretty clueless as to how to implement what should be some fairly simple changes/additions.
Any help would be much appreciated. Thanx in advance - John
|