
Re: fail2ban for apache2



On Sun, Nov 10, 2019 at 06:07:37PM -0500, Gene Heskett wrote:
> On Sunday 10 November 2019 16:07:22 tomas@tuxteam.de wrote:
> 
> > On Sun, Nov 10, 2019 at 10:55:03AM -0500, Gene Heskett wrote:
> > > On Sunday 10 November 2019 08:02:46 Michael wrote:
> > >
> > > Which contains such gems as this:
> > > coyote.coyote.den:80 40.77.167.79 - -
> > > [10/Nov/2019:10:44:45 -0500] "GET /gene/fence/18.html HTTP/1.1" 200
> > > 1121 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X)
> > > AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465
> > > Safari/9537.53 (compatible; bingbot/2.0;
> > > +http://www.bing.com/bingbot.htm)"
> > >
> > > But I've no clue which of the above blather is the "User agent"
> > > [...]
> >
> > It's the sixth field:
> >
> I don't see an obvious field delimiter in this, Tomas. Is it definable?

It's the "".

> >   "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X)
> >   AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465
> >   Safari/9537.53 (compatible; bingbot/2.0;
> >   +http://www.bing.com/bingbot.htm)"
> >
> > Yes, a bit long. But focusing on the bingbot part seems reasonable.

This is the "Common Log Format" (cf. [1] and links therein:
of special interest all that software out there designed to
parse and grok that stuff) or some mutation thereof. And yes,
it can be configured to your heart's content by (drumroll...)
munging your Apache config [2] -- a topic on which you stubbornly
keep a suspicious silence ;-)

Cheers

[1] https://en.wikipedia.org/wiki/Common_Log_Format
[2] https://httpd.apache.org/docs/2.4/logs.html

-- tomás
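
Added example, not part of the original message: a parser that uses the double quotes as delimiters for the request, referer and user-agent fields and then groups client addresses by what their user agent claims to be. It assumes the log uses Debian's stock "vhost_combined" LogFormat (the quoted line fits it); the function names and every sample line except the first are constructed for illustration.

```python
import re

# Assumed format: Debian's stock "vhost_combined" LogFormat,
#   %v:%p %h %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"
# Apache writes an embedded double quote as \" so a quoted field is a run of
# non-quote/non-backslash characters or backslash-escaped characters.
Q = r'(?:[^"\\]|\\.)*'
LINE_RE = re.compile(
    r'^(?P<vhost>\S+) (?P<client>\S+) (?P<ident>\S+) (?P<user>\S+) '
    r'\[(?P<time>[^\]]+)\] '
    rf'"(?P<request>{Q})" (?P<status>\d{{3}}) (?P<size>\d+|-) '
    rf'"(?P<referer>{Q})" "(?P<agent>{Q})"$'
)

def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None

def clients_by_agent(lines, needle):
    """Map client address -> hit count for lines whose User-Agent contains needle."""
    # The User-Agent is supplied by the client: this groups requests by what
    # they claim to be, it does not prove who sent them.
    hits = {}
    for line in lines:
        rec = parse_line(line)
        if rec and needle.lower() in rec["agent"].lower():
            hits[rec["client"]] = hits.get(rec["client"], 0) + 1
    return hits

# First entry is the line quoted in the thread, re-joined; the rest are constructed.
SAMPLE = [
    (r'coyote.coyote.den:80 40.77.167.79 - - [10/Nov/2019:10:44:45 -0500] '
     r'"GET /gene/fence/18.html HTTP/1.1" 200 1121 "-" "Mozilla/5.0 (iPhone; '
     r'CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) '
     r'Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; bingbot/2.0; '
     r'+http://www.bing.com/bingbot.htm)"'),
    (r'coyote.coyote.den:80 192.0.2.10 - - [10/Nov/2019:10:45:02 -0500] '
     r'"GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"'),
    (r'coyote.coyote.den:80 198.51.100.7 - - [10/Nov/2019:10:46:10 -0500] '
     r'"GET / HTTP/1.1" 200 512 "-" "odd \"quoted\" bingbot agent"'),
    'not a log line',  # malformed input is skipped, not guessed at
]

if __name__ == "__main__":
    print(clients_by_agent(SAMPLE, "bingbot"))
```

If the LogFormat in the Apache config has been changed, the pattern has to be changed to match it.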
