Lire User's Manual

Joost van Baal

Wessel Dankers

Francis J. Lacoste

Wolfgang Sourdeau

Egon L. Willighagen

This manual is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this manual (see COPYING); if not, check with http://www.gnu.org/copyleft/gpl.html or write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.

Revision History
Revision 2.1.1 $Date: 2008/07/17 13:47:14 $
$Id: user-manual.dbx,v 1.92 2008/07/17 13:47:14 wraay Exp $

Table of Contents

Preface
What This Book Contains
How Is This Book Organized?
If You Don't Find Something In This Manual
I. Lire Overview
1. Introducing Lire
What Is Lire?
Supported Systems
Supported Applications
Supported Output Format
What Lire Can't Do
2. Installing Lire
Client Installation
Requirements
Installing
Standalone Installation
Requirements
Installing
Anonymized Client Installation
Requirements
Installing
Responder Installation
Requirements
Installation
Installing Under MTAs using procmail as their MDA
Installing Under Exim
Installing Under qmail
3. Running Lire
Lire's configuration system
Using A Responder
Generating A Report From A Log File
Selecting Output Format
Merging Reports
Gotchas
Sending Anonymized Log Files To A Responder
Processing The Responder's Results
Running Lire In A Server Cluster
Using Mail
4. Using DLF Stores
The lire user interface
Accessing a Dlf Store
Import Jobs
Report Jobs
Report Schedules
Output Jobs
Using lr_cron within Cron
Report Configurations
Charts
DLF Streams
II. Log Formats
5. Database Supported Log Formats
MySQL™'s Log
6. Dialup Supported Log Format
7. DNS Supported Log Format
Bind8 Query Log
Bind9 Query Log
8. DNS Zone Supported Log Format
9. Email Zone Supported Log Format
ArGoSoft Mail Server
Exim
Netscape Messaging Server
Postfix
Qmail
Sendmail
10. Firewall Supported Log Formats
Cisco ACL
IPChains
IP Filter
IPTables
WebTrends Enhanced Log Format
11. FTP Supported Log Formats
Microsoft Internet Information Server
Xferlog
12. Message Store Supported Log Formats
13. Print Supported Log Formats
CUPS page_log
LPRng™ Account Log File
14. Proxy Supported Log Formats
Microsoft Internet Security and Acceleration Server
Squid
WebTrends Enhanced Format
15. Syslog Supported Log Formats
16. WWW Supported Log Format
Common Log Format
Combined Log Format
CLF With mod_gzip Extensions
Referer Log Format
Logs With Virtual Host Information
W3C Extended Log Format
III. Lire Reference
17. Installation Parameters
./configure parameters
Installation Environment Variables
18. Lire Logging and Error Messages
Logging
Log Messages

List of Examples

3.1. Sending a Log File For Processing To A Responder
3.2. Generating a Report With lr_log2report
3.3. Generating A HTML Report
3.4. Merging Reports
3.5. Sending An Anonymized Postfix Log File To A Responder
3.6. Deanonymizing and Generating A HTML Report
5.1. Sample MySQL™ Log File
7.1. Enabling Query Log In Bind
7.2. Sample Bind 8™ Query Log
7.3. Sample Bind 9™ Query Log
9.1. ArGoSoft Mail Server™ Log Sample
9.2. Exim™ Log Sample
9.3. Netscape Messaging Server™ Log Sample
9.4. Postfix™ Log Sample
9.5. Qmail™ Log Sample
9.6. Sendmail™ Log Sample
10.1. IOS Log Sample
10.2. IPChains Log Sample
10.3. IP Filter Log Sample
10.4. IPTables Log Sample
10.5. WELF Log Sample
10.6. SonicWall Log Sample
11.1. Microsoft Internet Information Server™ FTP Log Sample
11.2. Xferlog Log Sample
13.1. CUPS page_log Log Sample
13.2. LPRng™ Log Sample
14.1. Microsoft Internet Security and Acceleration Server™ Log Sample
14.2. Squid™ Log Sample
14.3. WELF Log Sample