New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Token '' doesn't match specifier '%h' #1635
Comments
You will need to use a custom log format. e.g.,
|
hi! same problem, sorry im very new to this , my log is
when type :$ sudo goaccess -f /var/log/nginx/access.log drop it : Parsed 1 linesproducing the following errors: Token '-' doesn't match specifier '%h' Format Errors - Verify your log/date/time format |
@librenauta GoAccess requires the following fields:
|
thnks, i edit my conf nginx with: and run with:
Originally posted by @allinurl in #1546 (comment) thnks 4 help <3 |
@librenauta Please try:
|
it's works, thank u for that support |
Awesome. Closing this. Feel free to reopen it as needed. |
Hi Team, Having the same issue.
Thanks in Advance! |
@dmk2861995 please post a few lines from your access.log. Thanks |
Hi Team, Log Sample:
Error:
|
@abdul-alim Sorry for the delay, this should do it:
|
using nginx2goaccess.sh, we get
but it doesn't work, we keep getting error. sample access log::
Please help @allinurl |
This should do it @skathiresan-hw
|
Hi @allinurl ! |
@Maxime-Garcia sounds like a format issue, please feel free to post a few sample lines from your access.log so I can take a look. Thanks. |
Hi again @allinurl ! Thanks for your response and sorry for the delay of mine, here's a sample of my access.log.
Thank you so much for your help !! |
No worries, please try this:
|
Hello @allinurl ! This is working perfectly now ! Thanks a lot for your help !! |
Hi @allinurl I am having the same issue :( ==836== Token '06/May/2022:00:00:00' doesn't match specifier '%h' Getting above error for below tomcat log and log pattern in tomcat specified as %t %a %u %m %U %q %s %T %D %I %B [08/May/2022:00:00:05 +0530] 1.24.16.182 - POST /servlet/loginPage 200 60.005 60005 https-jsse-nio2-0.0.0.0-8061-exec-13 0 |
@RaginiShankar Please try:
|
I am still getting the same error and it has not been resolved.
…On Thu, May 19, 2022 at 7:56 AM Gerardo O. ***@***.***> wrote:
@RaginiShankar <https://github.com/RaginiShankar> Please try:
goaccess access.log --log-format='[%d:%t %^] %h %e %m %U %s %T %^ %v %^' --date-format=%d/%b/%Y --time-format=%T
—
Reply to this email directly, view it on GitHub
<#1635 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACAZLKKJZSXBYXWT2TZ3HRLVKWRF3ANCNFSM4J7DOYTQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
Regards,
Ragi
|
@RaginiShankar For those two lines you posted, the format I shared works fine. Please upload a sample log directly from your access log. e.g.,
|
Please find the sample log
…On Thu, May 19, 2022 at 9:33 PM Gerardo O. ***@***.***> wrote:
@RaginiShankar <https://github.com/RaginiShankar> For those two lines you
posted, the format I shared works fine. Please *upload* a sample log
directly from your access log. e.g.,
tail -30 access.log > sample.log
—
Reply to this email directly, view it on GitHub
<#1635 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACAZLKM7LZVRNPLYLM3TSSDVKZQ3NANCNFSM4J7DOYTQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
Regards,
Ragi
[06/May/2022:00:00:00 +0530] 12.24.138.6 - POST /servlet/testServlet 200 0.029 29 https-jsse-nio2-0.0.0.0-8061-exec-16 0
[06/May/2022:00:00:00 +0530] 12.168.139.97 - POST /servlet/testServlet 200 0.002 2 https-jsse-nio2-0.0.0.0-8061-exec-11 0
[06/May/2022:00:00:06 +0530] 12.168.138.235 - POST /servlet/testServlet 200 0.013 13 https-jsse-nio2-0.0.0.0-8061-exec-11 0
[06/May/2022:00:00:07 +0530] 12.24.138.6 - POST /servlet/testServlet 200 60.004 60004 https-jsse-nio2-0.0.0.0-8061-exec-35 0
[06/May/2022:00:00:10 +0530] 12.24.147.42 - POST /servlet/testServlet 200 0.013 13 https-jsse-nio2-0.0.0.0-8061-exec-10 0
[06/May/2022:00:00:10 +0530] 12.168.139.97 - POST /servlet/testServlet 200 60.002 60002 https-jsse-nio2-0.0.0.0-8061-exec-34 0
[06/May/2022:00:00:10 +0530] 12.24.151.242 - POST /servlet/testServlet 200 0.009 9 https-jsse-nio2-0.0.0.0-8061-exec-2 0
[06/May/2022:00:00:12 +0530] 12.24.144.17 - POST /servlet/testServlet 200 60.002 60002 https-jsse-nio2-0.0.0.0-8061-exec-18 0
[06/May/2022:00:00:13 +0530] 12.24.137.252 - POST /servlet/testServlet 200 0.002 2 https-jsse-nio2-0.0.0.0-8061-exec-31 0
[06/May/2022:00:00:13 +0530] 12.24.137.252 - POST /servlet/testServlet 200 0.001 1 https-jsse-nio2-0.0.0.0-8061-exec-10 0
[06/May/2022:00:00:13 +0530] 12.24.137.252 - POST /servlet/testServlet 200 0.002 2 https-jsse-nio2-0.0.0.0-8061-exec-2 0
[06/May/2022:00:00:13 +0530] 12.24.144.17 - POST /servlet/testServlet 200 0.011 11 https-jsse-nio2-0.0.0.0-8061-exec-34 0
|
@RaginiShankar Please attach a file, I don't know if your log is delimited by spaces or tabs, can't really tell based on the spacing I'm seeing. Thanks |
@allinurl - Please help me on the goaccess log-format for the below type nginx log-formats Thanks |
@AD-Karthik Please try
|
Thank for your reply! when i use I already try |
@liuende501 what's the output of |
output of
output of
|
@liuende501 |
@allinurl i think the reason is that my logfile is not record by `zh_CN.UTF-8. But nginx record log always use English. |
@liuende501 now that you have your locale set to zh_CN, go ahead and use LC_TIME to parse an english date. e.g.,
|
thank you for the reply. I ran it according to your answer and confirmed that it works normally~! |
@allinurl thank you for you reply. i must set output of terminal |
Allinurl, please help me to get the right request, piece of my log:
|
allinurl can you help me? |
@Kokosnut this should do it (assumes a consistent log):
|
How to add IP mapping to this request? |
@Kokosnut not sure I understand what you're after. The IP should already show up with the format I posted. |
I mean field - client., screenshot - http://joxi.ru/krD0xgWTGPK46r |
I believe that's the part I'm using for |
@allinurl, please help me to get the right request, piece of my log: |
@RyanZoou Please describe all those fields. Thanks. |
@allinurl Thank so much for your reply, the log fields config: |
Can someone help me with the log format for my log file |
@thoutamganesh66 This should do it:
I'm unsure about the purpose of the empty field before the status, marked as "". I included it as the referrer. |
Hi I got same problem with error.log I want to goaccess to error.log for nginx |
Hello all, ====Error==== ====Access Logs==== A quick help would be appreciated @allinurl Thanks in advance. |
@MrWubbaLubbadubdub It appears that you're using the common log format. Please try the following and let me know of the outcome.
|
@allinurl My nginx error.log looks like this: 2024/04/03 03:57:15 [error] 15893#15893: *71520311 upstream timed out (110: Connection timed out) while connecting to upstream, client: 1.1.1.1, server: 0.0.0.0:456, upstream: "8.8.8.8:123", bytes from/to client:0/0, bytes from/to upstream:0/0 goaccess error.log --log-format=COMMON ==23681== Token '2024/04/03' doesn't match specifier '%h' I also tried 2 of 2024 is gone Thank you so much |
@william-0129, please note that goaccess works best with access log data. However, you could try pulling some of the error log data like this:
The only thing is, it might depend on how the actual error messages are structured/delimited in your logs. But give it a try and let me know how it goes! |
@allinurl |
@william-0129 Give the |
if LOG have leading space, get error Token '' doesn't match specifier '%h'
[SPACE]10.88.241.31 - - [24/Nov/2019:03:34:04 +0300] "GET /" 200 21139 "-" "-"
The text was updated successfully, but these errors were encountered: