Tools: ELFF Format Explanation

Logs Explanation ****************************************************** This is an ELFF format with custom strings of: ****************************************************** date time time-taken c-ip sc-status s-action sc-bytes cs-bytes cs- method cs-uri-scheme cs-host cs-uri-port cs-uri-path cs-uri-query cs-username cs-auth-group s-hierarchy s-supplier-name rs(Content- Type) cs(User-Agent) sc-filter-result cs-category x-virus-id s-ip s- sitename******************************************************  example: 2013-11-07 01:01:11 1 10.10.10.10 304 TCP_HIT 320 894 GET http http://www.martugbo.com  80 /plugins/tt/tt.php ?src=photos/ce3ccf9cc6cfbbea1bce22547f35b950.jpg&w=86&h=56&zc=1&media=1 jon_do USER_Group\WWU-IA-StandardAccess Unknown 10.10.40.66 image/jpeg "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; xs-q__ic9-390M;iwOfva; … Continue reading Tools: ELFF Format Explanation