search

allinurl / goaccess

GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
https://goaccess.io
MIT License
17.78k stars 1.09k forks source link

Browsers an operating systems aren't recognized #2680

Closed abid76 closed 1 month ago

abid76 commented 1 month ago

I'm using goaccess 1.9.2 on MacOS Sonoma.

Everything works fine, but unfortunately the Browsers and Operating systems aren't recognized.

In https://github.com/allinurl/goaccess/issues/555#issuecomment-331137188 it's proposed to use --log-format=COMBINED for version 1.2 but this didn't work for me.

The report shows 92 percent unknown Browsers and Operating systems.

Bildschirmfoto 2024-05-10 um 11 18 55

I run goaccess with no custom configuration using this script:

#!/bin/bash
LC_TIME="en_US.UTF-8" bash -c "goaccess $1 --log-format=COMBINED --geoip-database dbip-city-lite-2024-05.mmdb"

Here's some lines from the access log:

2a02:3037:600:: - - [09/May/2024:00:00:00 +0200] "GET /wp-content/uploads/2024/05/imago0444097159h-1024x683.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Safari/537.36" "-"
178.197.199.0 - - [09/May/2024:00:00:00 +0200] "GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1" 200 5846 my-domain.com "https://my-domain.com/labor-in-china-entwickelt-hochansteckende-und-toedliche-ebola-mutation/" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "-"
2a02:3037:600:: - - [09/May/2024:00:00:00 +0200] "GET /wp-content/uploads/2024/05/imago0301859172h-300x200.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Safari/537.36" "-"
2a02:3037:600:: - - [09/May/2024:00:00:00 +0200] "GET /wp-content/uploads/2024/05/china-russland-mondmission-300x169.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Safari/537.36" "-"
2a02:3037:600:: - - [09/May/2024:00:00:00 +0200] "GET /wp-content/uploads/2024/05/imago473124644-1024x683.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Safari/537.36" "-"
2a02:3037:600:: - - [09/May/2024:00:00:00 +0200] "GET /wp-content/uploads/2024/05/Kommentar-Vorlage-Neu-2-Wiederhergestellt-1-1024x576.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Safari/537.36" "-"
2a02:3037:600:: - - [09/May/2024:00:00:00 +0200] "GET /wp-content/uploads/2024/05/Kommentar-Vorlage-Neu-2-Wiederhergestellt-1-300x169.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Safari/537.36" "-"
2a02:3037:600:: - - [09/May/2024:00:00:00 +0200] "GET /wp-content/uploads/2024/05/imago0447339724h-300x200.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Safari/537.36" "-"
45.84.139.0 - - [09/May/2024:00:00:00 +0200] "GET / HTTP/1.1" 200 39479 my-domain.com "https://my-domain.com/labor-in-china-entwickelt-hochansteckende-und-toedliche-ebola-mutation/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
2003:d0:6f00:: - - [09/May/2024:00:00:00 +0200] "GET / HTTP/1.1" 200 225527 my-domain.com "-" "NetNewsWire (RSS Reader; https://netnewswire.com/)" "-"
2a00:6020:5000:: - - [09/May/2024:00:00:01 +0200] "GET / HTTP/1.1" 200 39479 my-domain.com "-" "Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/119.0" "-"
45.84.139.0 - - [09/May/2024:00:00:01 +0200] "GET /wp-content/uploads/2024/05/imago0444097159h-1024x683.jpg HTTP/1.1" 200 16732 my-domain.com "https://my-domain.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
45.84.139.0 - - [09/May/2024:00:00:01 +0200] "GET /wp-content/uploads/2024/05/imago0301859172h-1024x683.jpg HTTP/1.1" 200 22564 my-domain.com "https://my-domain.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
2a00:6020:5000:: - - [09/May/2024:00:00:01 +0200] "GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1" 200 19350 my-domain.com "https://my-domain.com/" "Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/119.0" "-"
45.84.139.0 - - [09/May/2024:00:00:01 +0200] "GET /wp-content/plugins/embed-privacy/assets/style/embed-privacy.min.css?ver=1.9.1 HTTP/1.1" 200 807 my-domain.com "https://my-domain.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
45.84.139.0 - - [09/May/2024:00:00:01 +0200] "GET /wp-content/uploads/2024/04/eu-erweiterung-768x1024.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
45.84.139.0 - - [09/May/2024:00:00:01 +0200] "GET /wp-content/uploads/2024/04/welterloeserin-1-768x1024.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
45.84.139.0 - - [09/May/2024:00:00:01 +0200] "GET /wp-content/uploads/2024/03/imago0312882449h-1024x576.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
45.84.139.0 - - [09/May/2024:00:00:01 +0200] "GET /wp-content/uploads/2024/04/sterbehilfe-768x1024.jpg HTTP/1.1" 304 - my-domain.com "https://my-domain.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
45.84.139.0 - - [09/May/2024:00:00:01 +0200] "GET /wp-content/plugins/embed-privacy/assets/js/embed-privacy.min.js?ver=1.9.1 HTTP/1.1" 200 1526 my-domain.com "https://my-domain.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/124.0.6367.88 Mobile/15E148 Safari/604.1" "-"
2a00:6020:5000:: - - [09/May/2024:00:00:01 +0200] "GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1" 200 3007 my-domain.com "https://my-domain.com/" "Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/119.0" "-"
allinurl commented 1 month ago

Please try the following, it should do the job:

# goaccess access.log --log-format='%h %^[%d:%t %^] "%r" %s %b %v "%R" "%u"%^' --date-format=%d/%b/%Y --time-format=%T

2024-05-10-165320_488x109_scrot

abid76 commented 1 month ago

Thanks 🙂 Here's the complete working script (with double quotes escaped):

#!/bin/bash
LC_TIME="en_US.UTF-8" bash -c "goaccess $1 --log-format='%h %^[%d:%t %^] \"%r\" %s %b %v \"%R\" \"%u\"%^' --date-format=%d/%b/%Y --time-format=%T  --geoip-database dbip-city-lite-2024-05.mmdb"