[IUG] Weblogs

[Karen Johnson <johnsonka at usfca dot edu>]

 Greetings,

I have a few questions regarding use of weblogs.

1.  What tool do you use to analyze the data?  I have seen the 
recommendations on CSDirect.  I would like some endorsements if there 
are any out there.

2.  It does not appear that we can identify the credentials used for 
remote access to our databases.  We can see the ip but not the username 
and password used in Web Access Management.   Any suggestions?

Our immediate problem is that one of our databases was accessed 
inappropriately according to the terms of our contract--so they tell 
us.  It does appear that an ip in Iran was downloading pdfs of an online 
journal and that the speed of access suggests that it was automated 
rather than an individual searching and downloading.

Interestingly our Web Access Management statistics do not show that this 
database was accessed on the date in question even though the weblog 
does.  It may be that the filters in place to prevent bloated statistics 
now eliminate this information as well.  At least I might have been able 
to see the ptype if these searches showed up but that may not have 
helped much anyway.  It would also be useful to see what patron record 
was used.

I am not sure what we can do to prevent further incidents of this nature 
and it doesn't look like we can assure the publisher of the online 
journal that was targeted that we can prevent it from happening again.

We are a turnkey site.

How are folks out there handling these issues?

Thanks

Karen



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.