Есть необходимость создавать ежемесячный отчёт: интернет статистика по пользователям. Кто куда в какой день лазил и какой трафик выкачал.
Успешно пользовался программой (IAM - интернет Аксес монитор).
Но в один прекрасный месяц, он (Анализатор логов IAM) стал выдавать статистику лишь за пол месяца. (Раньше было 1-30 число, стало 1-16).
не суть.
Логи я копирую к себе на компьютер, запускаю программу, импортирую логи, формирую отчёт.
Я так понимаю, что проблема в самом керио.
Вот мой файл Logs.cfg из керио.
PHP код:
<config>
<table name="LogGlobal">
<variable name="RelativePathsRoot"></variable>
</table>
<list name="Log">
<listitem>
<variable name="LogName">alert</variable>
<variable name="StreamURL">file:///logs/alert</variable>
<variable name="StreamFlags">117506048</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4536870912</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">config</variable>
<variable name="StreamURL">file:///logs/config</variable>
<variable name="StreamFlags">117440512</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4104857600</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">connection</variable>
<variable name="StreamURL">file:///logs/connection</variable>
<variable name="StreamFlags">117506048</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">5536870912</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="StreamURL">file:///logs/debug</variable>
<variable name="StreamFlags">117440512</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4104857600</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">dial</variable>
<variable name="StreamURL">file:///logs/dial</variable>
<variable name="StreamFlags">117440512</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4104857600</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">error</variable>
<variable name="StreamURL">file:///logs/error</variable>
<variable name="StreamFlags">117440512</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4104857600</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">filter</variable>
<variable name="StreamURL">file:///logs/filter</variable>
<variable name="StreamFlags">4117440512</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">536870912</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">http</variable>
<variable name="StreamURL">file:///logs/http</variable>
<variable name="StreamFlags">83951616</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4536870912</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">security</variable>
<variable name="StreamURL">file:///logs/security</variable>
<variable name="StreamFlags">117440512</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4536870912</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">sslvpn</variable>
<variable name="StreamURL">file:///logs/sslvpn</variable>
<variable name="StreamFlags">117440512</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4536870912</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">warning</variable>
<variable name="StreamURL">file:///logs/warning</variable>
<variable name="StreamFlags">117440512</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4104857600</variable>
<variable name="NextRotate">0</variable>
</listitem>
<listitem>
<variable name="LogName">web</variable>
<variable name="StreamURL">file:///logs/web</variable>
<variable name="StreamFlags">117506048</variable>
<variable name="RotateCount">1</variable>
<variable name="RotateFlags">0</variable>
<variable name="RotateMin">0</variable>
<variable name="RotateHour">0</variable>
<variable name="RotateDay">1</variable>
<variable name="MaxSize">4536870912</variable>
<variable name="NextRotate">0</variable>
</listitem>
</list>
<list name="LogEvents">
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ParentWan</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ddial</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">idle</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ParentServices</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">dhcp</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">dhcp_opt</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">dhcp_other</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">dns</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">webadmin</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">webiface</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">upnp_service</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ParentProtocols</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">proto_dns</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">proto_http</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ParentFiltering</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">avir_plugins</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">driver</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">pktdrop</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">P2P</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ether_other</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">webfilter</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ips</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ips_output</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ips_pktlog</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ParentAccounting</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">activity</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">precognizer</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">StaR</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">auth</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">user_db</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ParentMisc</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">alert</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">bandwidth</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">dynamicdns</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">cache</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">connectivity</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">licensing</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">pkt_queue</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">smtprelay</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">update_checker</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">system_config</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ParentInspectors</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">proxy</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ftp_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">sip_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">h323_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">http_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">irc_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">mms_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">pop3_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">pptp_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">rap_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">rtsp_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">skinny_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">smtp_handler</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">ParentVPN</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">sslvpn</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpnag</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpncipher</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpnclient</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpn</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpnippool</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpnkripl</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpnssl</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpntunnel</variable>
<variable name="Enabled">0</variable>
</listitem>
<listitem>
<variable name="LogName">debug</variable>
<variable name="EventName">vpncore</variable>
<variable name="Enabled">0</variable>
</listitem>
</list>
<list name="LogHighlighting">
<listitem>
<variable name="Id">Default_00001</variable>
<variable name="Enabled">0</variable>
<variable name="Order">1</variable>
<variable name="Description">Filter log: Dropped packets</variable>
<variable name="Condition">DROP.*packet</variable>
<variable name="IsRegularExpression">1</variable>
<variable name="Color">#ffcccc</variable>
</listitem>
<listitem>
<variable name="Id">Default_00002</variable>
<variable name="Enabled">0</variable>
<variable name="Order">2</variable>
<variable name="Description">Filter log: Denied WWW pages</variable>
<variable name="Condition">DENY URL</variable>
<variable name="IsRegularExpression">0</variable>
<variable name="Color">#ffcccc</variable>
</listitem>
<listitem>
<variable name="Id">Default_00003</variable>
<variable name="Enabled">0</variable>
<variable name="Order">3</variable>
<variable name="Description">Filter log: Keyword filter</variable>
<variable name="Condition">DENY Keyword filter</variable>
<variable name="IsRegularExpression">0</variable>
<variable name="Color">#ffcccc</variable>
</listitem>
<listitem>
<variable name="Id">Default_00004</variable>
<variable name="Enabled">0</variable>
<variable name="Order">4</variable>
<variable name="Description">Filter log: Denied FTP</variable>
<variable name="Condition">DENY FTP</variable>
<variable name="IsRegularExpression">0</variable>
<variable name="Color">#ffcccc</variable>
</listitem>
<listitem>
<variable name="Id">Default_00005</variable>
<variable name="Enabled">0</variable>
<variable name="Order">5</variable>
<variable name="Description">Connection log: More than 100MB of transferred data</variable>
<variable name="Condition">[Bytes] d+/d+/d{9,}</variable>
<variable name="IsRegularExpression">1</variable>
<variable name="Color">#ffffcc</variable>
</listitem>
<listitem>
<variable name="Id">Default_00006</variable>
<variable name="Enabled">0</variable>
<variable name="Order">6</variable>
<variable name="Description">Connection log: More than 10MB of transferred data</variable>
<variable name="Condition">[Bytes] d+/d+/d{8,}</variable>
<variable name="IsRegularExpression">1</variable>
<variable name="Color">#ccffcc</variable>
</listitem>
<listitem>
<variable name="Id">Default_00007</variable>
<variable name="Enabled">0</variable>
<variable name="Order">7</variable>
<variable name="Description">Debug log: Licensing information</variable>
<variable name="Condition">{licensing}</variable>
<variable name="IsRegularExpression">0</variable>
<variable name="Color">#ccffff</variable>
</listitem>
</list>
</config>
Предположив, что это как-то связано с максимальным размером лог файлов(ну не помещается статистика за 30 дней и более в нём), я изменял параметр <variable name="MaxSize">4536870912</variable>, добавляя к значению 1-2 цифры, таким образом в 10-100 раз увеличивая максимальный размер лог файла.
По прошествии месяца, ничего не изменилось. Логи как были не полными, так и остались.
Помогите разобраться в чём проблема. Может, как вариант, покажите свои logs.cfg, я сравню настройки.
Заранее спасибо.
