ftpd之xferlog日志格式解读

isiqi

浏览: 16484366 次
性别:
来自: 济南

最近访客更多访客>>

nison

hellohank

wangyy

devcang

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

2012-07 ( 335)
2012-06 ( 252)
2012-05 ( 362)
更多存档...

C C++C#Access .net

QUOTE:

Thu Mar 4 08:12:30 2004 1 202.114.40.242 37 /incoming/index.html a _ o a guest@my.net ftp 0 * c

Thu Mar 4 08:12:30 2004 current-time
1 transfer-time
202.114.40.242 remote-host
37 byte-count
/incoming/index.html filename
a transfer-type
_ special-action-flag
o direction
a access-mode
guest@my.net username
ftp service-name
0 authentication-method
* authenticated-user-id
c completion-status

current-time The current local time in the form "DDD MMM dd hh:mm:ss
YYYY", where DDD is the day of the week, MMM is the month,
dd is the day of the month, hh is the hour, mm is the min-
utes, ss is the seconds, and YYYY is the year.

transfer-timeThe total time of the transfer in seconds.

remote-host The remote host name.

byte-count The amount of transferred bytes.

filename The canonicalized (all symbolic links are resolved) abso-
lute pathname of the transferred file.

In case of the chrooted FTP session this field can be
interpreted as the pathname in the chrooted environment
(the default interpretation) or as the one in the real
file system. The second type of interpretation can be
enabled by the command-line options of the ftpd(8).

transfer-typeThe single character that indicates the type of the trans-
fer. The set of possible values is:

a An ascii transfer.

b A binary transfer.

special-action-flag
One or more single character flags indicating any special
action taken. The set of possible values is:

_ No action was taken

C The file was compressed (not in use).

U The file was uncompressed (not in use).

T The file was tar'ed (not in use).

direction The direction of the transfer. The set of possible values
is:

o The outgoing transfer.

i The incoming transfer.

access-mode The method by which the user is logged in. The set of pos-
sible values is:

a (anonymous)The anonymous guest user.

g (guest) The real but chrooted user (this capability
is guided by ftpchroot(5) file).

r (real) The real user.

username The user's login name in case of the real user, or the
user's identification string in case of the anonymous user
(by convention it is an email address of the user).

service-name The name of the service being invoked. The ftpd(8) utility
uses the ``ftp'' keyword.

authentication-method
The used method of the authentication. The set of possible
values is:

0 None.

1 RFC931 Authentication (not in use).

authenticated-user-id
The user id returned by the authentication method. The `*'
symbol is used if an authenticated user id is not avail-
able.

completion-status
The single character that indicates the status of the
transfer. The set of possible values is:

c A complete transfer.

i An incomplete transfer.

vsftpd与log有关的选项：
vsftpd_log_file
xferlog_enable
xferlog_std_format
xferlog_file
dual_log_enable
syslog_enable
log_ftp_protocol
no_log_lock

参考：http://bsdftpd-ssl.sc.ru/doc/unix/xferlog.5.txt
http://vsftpd.beasts.org/vsftpd_conf.html