Web Server Access Logs
David Jones made this Freedom of Information request to Office for Standards in Education, Children’s Services and Skills
Dear Sir or Madam,
I would like the access logs for the webserver for the website www.ofsted.gov.uk . I am referring to the file normally called "access_log" or similar that Apache (the web server software used by your website) creates. Such files usually contain one line per access made to the website.
If you summarise these files on a regular basis (monthly, quarterly, or whatever) to produce graphs or tables of "hits per day", "hits per month", or similar, then I would like copies of such summaries.
Whatever you have lying around would be just fine. No need to go digging the backup tapes up.
The following is forwarded for your attention. Please respond directly to
the customer and not to the NBU.
Customer Service Advisor
Ofsted - National Business Unit
TEL: 08456 404040
Dear Mr Jones,
Thank you for your email of 23 September concerning your FOI request.
You have requested:
"(...) access logs for the webserver for the website www.ofsted.gov.uk.
I am referring to the file normally called "access_log" or similar that
Apache (the web server software used by your website) creates. Such
files usually contain one line per access made to the website.
If you summarise these files on a regular basis (monthly, quarterly, or
whatever) to produce graphs or tables of "hits per day", "hits per
month", or similar, then I would like copies of such summaries.".
Ofsted holds this information and a summary report for website access
statistics is attached. As you did not state how far back you wanted
the logs the summary report is for the last month (19/09/2008 -
19/10/2008). If you need any further information then please contact
Guy Shrimpton ([email address])
If you are unhappy with the handling of your request, you may request an
internal review by writing to:
The Deputy Director of Corporate Services,
If you are not content with the outcome of the internal review, you have
the right to apply to the Information Commissioner for a decision as to
whether or not we have complied with our obligations under the Act with
respect to your request. The Information Commissioner can be contacted
Information Commissioner's Office
Cheshire, SK9 5AF
Dear Julie Cotterill,
thank you for the response. You have supplied me with a suitable summary as I requested in my second paragraph.
However, in my first paragraph I asked for the access_log file. You have not supplied this. Please can you do so?
I thought your request was an either or. However this file is very big.
How much data do you want?
Dear Julie Cotterill,
I appreciate that the file is very big.
How about you trim it to about 20 megabytes (the most recent 20 MB or the first 20MB of the last rotation, whichever you think is easiest), compress it, and then attach it to this request using the web interface: http://www.whatdotheyknow.com/upload/req... (that seems more likely to work than trying to e-mail a 10 MB attachment).
A WhatDoTheyKnow staffer suggests that it might be a good idea to redact the IP address from the log file (I'm certainly not interested in seeing it).
The fields available in the access logs are:
Field 1 : The IP address of the client (remote host) which made the
request to the server.
Field 2 : RFC 1413 identity of the client provided by the client machine
Field 3 : The userid of the person requesting the document as determined
Field 4 : The time that the server finished processing the request.
Field 5 : The request line from the client in double quotes.
Field 6 : The status code that the server sends back to the client.
Field 7 : The size of the object returned to the client.
Field 8 : The "Referrer". This gives the site that the client reports
having been referred from.
Field 9 : The "User-Agent". This is the information that the client
browser reports about itself.
I have been advised that fields 1, 2, 3, 8 and 9 have the potential to
hold personal data. Would you like me to send you the logs only
containing fields 4, 5, 6 and 7?
Dear Julie Cotterill,
Fields 1, 2, 3 clearly have personal data; field 8 (referrer) could well have.
I can't really see how field 9, the User-Agent string, could have personal data; it's usually set by the browser to identify the browser (for example, "Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/XX (KHTML, like Gecko) Safari/YY").
So how about sending me the logs containing fields 4,5,6,7 and 9.