2003-11-23 16:00:13 220.127.116.11 -
CSLNTSVR20 18.104.22.168 80 GET
/tutor/images/icons/fold.gif - 304 140 470
0 HTTP/1.1 www.tutor.com.my
The date from Greenwich Mean Time (GMT x 100) is
recorded for each hit. The date format is YYYY-MM-DD.
The example from Fig. 1 above shows that the transaction was
recorded at 2003-11-23.
Time of transactions. The time format is HH:MM:SS. The
example from Fig. 1 above shows that the transaction time
was recorded at 16:00:13.
c) Client IP Address
Client IP is the number of computer who access or request the
d) User Authentication
Some web sites are set up with a security feature that requires
a user to enter username and password. Once a user logs on to
a Website, that user's "username" is logged in the fourth field
of the log file.
e) Server Name
Name of the server. In Fig. 1 the name of the server is
f)Server IP Address
Server IP is a static IP provided by Internet Service Provider.
This IP will be a reference for access the information from the
g) Server Port
Server Port is a port used for data transmission. Usually, the
port used is port 80.
h) Server Method (HTTP Request)
The word request refers to an image, movie, sound, pdf, txt,
HTML file and more. The above example in Fig. 1 indicates
that folder.gif was the item accessed. It is also important to
note that the full path name from the document root. The GET
in front of the path name specifies the way in which the server
sends the requested information. Currently, there are three
formats that Web servers send information  in GET, POST,
and Head. Most HTML files are served via GET Method
while most CGI functionality is served via POST.
URI-Stem is path from the host. It represents the structure of
the websites. For examples:-
j) Server URI-Query
URI-Query usually appears after sign "?". This represents the
type of user request and the value usually appears in the
Address Bar. For example:-
This is the status code returned by the server; by definition
this will be the three digit number . There are four classes
i. Success (200 Series)
ii. Redirect (300 Series)
iii. Failure (400 Series)
iv. Server Error (500 Series)
A status code of 200 means the transaction was successful.
Common 300-series codes are 302, for redirect from
http://www.mydomain.com to http://www.mydomain.com,
and 304 for a conditional GET. This occurs when server
checks if the version of the file or graphics already in cache is
still the current version and directs the browser to use the
cached version. The most common failure codes are 401
(failed authentication), 403 (Forbidden request to a restrict
subdirectory, and the dreaded 404 (file not found) messages.
In the above transmission a status is 200 means that there was
a successful transmission.
a) Bytes Sent
The amount of data revisited by the server, not together the
b) Bytes Received
Amount of data sent by client to the server.
c) Time Stamp
This attribute is used to determine how long a visitor spent on
a given page.
d) Protocol Version
HTTP protocol being used (e.g. HTTP/1.1).
PROCEEDINGS OF WORLD ACADEMY OF SCIENCE, ENGINEERING AND TECHNOLOGY VOLUME 36 DECEMBER 2008 ISSN 2070-3740
PWASET VOLUME 36 DECEMBER 2008 ISSN 2070-3740 971 © 2008