Re: Logging content sugestions
visit-id. Yes, this is session id.
user-id, described-userid, and customer-id, as far as the log file is
concerned, could all be the same. Recognizing their differences is driven
mostly by how the id will be used, and is mostly an issue external to the
log file issues. The differences, as applicable to the log file are:
the string specific to a "userid" can be totally determined by the server,
for example, random numbers. They need not be unique between different web
sites. They will never be used for anything other than associating with
each other multiple log records that span multiple sessions at a single web
"described userid" is a little-bit-more than "userid" because it allows
association of demographics with users. Again, they need not be unique
between different web sites. This association could be accomplished either
by embedding the demographics in the log file (e.g., logging the cookie) or
by having a separate file recording the demographics. Of course, logging
the demographic information would increase the size of the logs. In either
case, there is no association with the values of "described userid" beyond
relating visits and sessions with demographics. These associations can be
totally managed by the server software itself.
"customer-id" implies the ability to associate the id with something
external to the server envirionment. They may need to be unique across
multiple web sites. One way of handling this could be to use the "described
userid" facility, but include the external name as though it were one of the
Now, all of that restated, the important issues to understand from the
logging viewpoint are:
1. The logging file needs a mechanism to identify users,
2. The mechanism should take into account the potential different uses of
3. The identification tokens have different scopes of viability,
4. It would be useful, when demographic information is wanted and available,
to have a standard way of relating that demographic information to the log
To: Gerald L. Despain
Subject: Re: Logging content sugestions
Date: Thursday, April 11, 1996 4:09PM
This is a response to a posting that I did not see any response to.
On Thu, 14 Mar 1996, Gerald L. Despain wrote:
> 1. In the extended log format it would be useful to allow a directive to
> identity of the site for which the log was produced. This would
> prepartion of analysis reports on aggregations of logs from different web
I think that including general information in the preamble of the log is
a good idea.
> 4. It would be useful to allow logging of various forms of user or session
> including the ideas as defined in the working draft on session-id. In
> are the following kinds of "id" that may be available and logged:
> Persists only for a single session. No other user information associated
with the id.
Is this the session id? It would be appropriate.
> Persists between sessions. Allows recognition of when the same person
returns to the
> site. No other user information associated with the id.
> Persists between sessions. Allows the identification of the individual
> in external databases, such as a customer database.
1. I think that user-id and customer-id can be combined into one. If you
need a specific id for the customer database, that should fall outside of
log. customer-id usually fall as an inside company id and should be kept as
If you need to grab a specific customer-id, I suggest a secure link. Either
have a log-in page or extend the cookie mechanism in order to let the client
system define a user-id and customer-id cookie for that site. Any which
way, I think you should keep the customer-id out of the log.
2. How are we defining a user-id. A random number is not guaranteed to
be unique so ones has to be provided. Is that id supposed to be site
unique or global.
> Persists only for a single session. Associates some demographic
information with the
> user. Does not allow for identification of any personal identification
such as name
> or address.
> Persists between sessions. Associates some demographic information with
> Does not allow for identification of any personal identification such as
I believe that the information provided by *-user-id can be maintained by
the site outside of the log. The deomgraphic information can be stored
externally and tied to the user-id. When the log is exported, the
user-id can be replaced by or augmented with the demographic
information. The idea is for the site to ask "if the user would like to
give demographic info" once for an unknown user-id and not do it under
Magnus Mengelbier tel. Sweden + (0)40-29 39 12
Mathematical Statistics e-mail email@example.com
Lund University, Sweden firstname.lastname@example.org