JESALFA is a squid access log file analyzer. Its basic idea is to generate statistics about hits and volume (bytes) wrt. several logtypes or logtype classes (set of several logtypes) and:
Using a configuration file you can configure:
NOTE: For one pass (1., 6., 7.) remain the same, you can combine 2.-5. as often as you want!
JESALFA is completely written in C and uses Paul Vixies AVL tree
routines, squid's IP ACL lists and optional gnu quick sort routines
from the latest glibc release instead of the standard routines from
your OS.
JESALFA is pretty fast and gives you a lot flexibility.
If you are actually using this tool, I would be happy to receive an e-mail from you, which includes the URLs of the results you produced with this tool - I'm researching traffic patterns and the posibility of load blancing for squid driven proxy caches...
How can I get it
You can download the required files by holding down the shift key and
klicking on the appropriate file. If you encounter problems when
downloading them, have a look at the W3-Download
page for more information.
You need to download the following files:
Uncompress jesalfa-1.0.tar.gz with gunzip -c
jesalfa-1.0.tar.gz | tar xvf - and read the README file. It
includes instructions on how to compile jesalfa as well as
instructions, how to setup a configuration file used by this tool.
Example
With this configuration file
jesalfa -o err.txt access.log.97-12 (about 815 MB)
produced the following files in one pass:
On a 297 MHz UltraSPARC1 driven solaris 2.5.1 machine it took
405.27u 11.33s 9:05.48 76.3%
i.e. about > 90 MB log file/sec. Of course, these values depend
on your configuration and HDD (on this test the file came from a DEC
RAID Array ;-)), but it might be used as a rule of thumb ;-)