Proftpd transfer log file format

Below is a line from a proftpd transfer log. I can't
find any definition of the file format. The directives list shows a
default value for the 'FileFormat' directive but the value doesn't seem to
relate to the stuff in the transfer log. Can someone point to the default
file format definition for the transfer log?


Thu Dec 16 12:15:23 2004 16 192.168.1.2 97280
/opt/app/ftp/labs/labs2/file1 b _ i r labs2 ftp 1 * c

In comp.unix.admin albright <moron@slow.pobox.com> wrote:
> Below is a line from a proftpd transfer log. I can't
> find any definition of the file format. The directives list shows a
> default value for the 'FileFormat' directive but the value doesn't seem to
> relate to the stuff in the transfer log. Can someone point to the default
> file format definition for the transfer log?


> Thu Dec 16 12:15:23 2004 16 192.168.1.2 97280
> /opt/app/ftp/labs/labs2/file1 b _ i r labs2 ftp 1 * c

It seems simular to wu-ftpd, the well documented standard :-)

man xferlog shows :
NAME
xferlog - FTP server logfile

DESCRIPTION
The xferlog file contains logging information from the FTP
server daemon, ftpd(8). This file usually is found in
/var/log, but can be located anywhere by using a option to
ftpd(8). Each server entry is composed of a single line
of the following form, with all fields being separated by
spaces.

current-time transfer-time remote-host file-
size filename transfer-type special-action-
flag direction access-mode username ser-
vice-name authentication-method authenticated-
user-id completion-status


current-time is the current local time in the form
"DDD MMM dd hh:mm:ss YYYY". Where DDD
is the day of the week, MMM is the
month, dd is the day of the month, hh
is the hour, mm is the minutes, ss is
the seconds, and YYYY is the year.

transfer-time is the total time in seconds for the
transfer.

remote-host is the remote host name.

file-size is the size of the transferred file in
bytes.

filename is the name of the transferred file.

transfer-type is a single character indicating the
type of transfer. Can be one of:
a for an ascii transfer
b for a binary transfer

special-action-flag is one or more single character flags
indicating any special action taken.
Can be one or more of:
C file was compressed
U file was uncompressed
T file was tar'ed
_ no action was taken

direction is the direction of the transfer. Can
be one of:
o outgoing
i incoming

access-mode is the method by which the user is
logged in. Can be one of:
a (anonymous) is for an
anonymous guest user.
g (guest) is for an
passworded guest user
(see the guestgroup
command in ftpac-
cess(5) ).
r (real) is for a local
authenticated user.

username is the local username, or if guest,
the ID string given.

service-name is the name of the service being
invoked, usually FTP.

authentication-method
is the method of authentication used.
Can be one of:
0 none
1 RFC931 Authentication

authenticated-user-id
is the user id returned by the authen-
tication method. A * is used if an
authenticated user id is not avail-
able.

completion-status is a single character indicating the
status of the transfer. Can be one
of:
c complete transfer
i incomplete transfer

FILES
/var/log/xferlog
SEE ALSO
ftpd(8), ftpaccess(5)





--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.

On Fri, 17 Dec 2004 21:17:30 +0000, phn wrote:

>
> It seems simular to wu-ftpd, the well documented standard :-)
>
> man xferlog shows :
> NAME
> xferlog - FTP server logfile

Yeah, I just RTFMan page. I was looking in the docs and couldn't find
anything.