what should be logged

From: Balachander Krishnamurthy (bala@research.att.com)
Date: Mon, Dec 14 1998


Message-Id: <199812141007.FAA13756@raptor.research.att.com>
To: www-wca@w3.org
Date: Mon, 14 Dec 1998 05:07:04 -0500
From: Balachander Krishnamurthy <bala@research.att.com>
Subject: what should be logged


folks:

at the last conf call i promised to send out my thoughts on what should be
in logs. here is a first cut

[This is output of the ongoing En Passant project at AT&T Labs--Research
 that also involves Jennifer Rexford and Ramon Caceres]

Extended server logs typically gather the following fields:

IP address or name of the client (remote host), date/time of the
request, first line of the request (HTTP method and URL), response
status code (200, 304, ...), number of bytes in the response
[all of the above fields found in virtually all logs], 
remote log and user's name (rarely present in logs), the referer
field, user agent information (found sparingly).

Additional items to be logged:
        time at which request was received
        time at which response creation began/ended

For most applications the above might suffice but with HTTP/1.1 we need 
more fields:
        cache control headers including ETag, request/response directives
        ranges specified in range requests
        accept-encoding formats 
        content negotiation headers (such as Accept-Language)

During my talk at the Cambridge workshop I had mentioned a paper on 
differences between HTTP/1.0 and HTTP/1.1 --- it is now available
	Key Differences between HTTP/1.0 and HTTP/1.1 
	AT&T Labs--Research Technical Memorandum 98.39.1
	Balachander Krishnamurthy and Jeffrey C. Mogul and David M. Kristol
	http://www.research.att.com/library/trs/TRs/98/98.39/98.39.1.body.ps


A colleague of mine will sit in for me at the next conference call. I will
be offline for 4 weeks starting tomorrow.

cheers,
bala