(oh and I've tried awstats, the apache log analyzer and just plain old reading the damn thing. Not really helping me see the big picture. There's accusations of cheating and I'd like to make sure that none was going on.)

Know any perl?

Use a bit of perl to snarf the log lines into a mysql database. If these are apache logs, there's prolly a CPAN module that will do the parsing for you.

Alternatively, you might be able to pull these right into an Access or SQL Server DB by splitting on the " - " delimiter...

Once you've got your stuff in a DB, query away to your heart's content.

you want to use the linux command line utilities sort -- which will sort the log file, cut, which will isolate just those columns you care about, and uniq, which will reduce to one line repeating lines, and uniq -c which will do what uniq does and also add a count of the number of multiple lines.

I do exactly that to see how many unique IPs are using my FF extensions.

whoha, my brain is fried. Did I mention that? The mysql query route might have been it, but, brain fried. (Buncha kids had a party here today. Me, not used to being mum pushed very hard as I made sure small and big kids didn't hurt themselves or the babies, my god bloody suicidal crazy little terrors! Someone please put me in a bed now.)

Ok, I'll explain my dumb problem again, you seem so much smarter than me. ;) I had 16 different questions where people could vote - one ip# could only vote once. Now, people are saying that one ip# could vote unlimited times, so basically I'd like to quickly find out if all vote on question5 came from different IP#, or just see if an ip# vote a whole bunch of times on one question. 'cause that would be wrong. ... yeah I guess I could query the mysql server up and down and around again, but I'd really like some pretty graphs that just looked at the whole file for me....Justto get the big picture. All votes to "WK London" came from these ip's.. Like. Hmm.

ortho is basically right here. assuming the sample line above only includes the vote data i would use soemthing like this:
cat nameoflogfile | cut -d" " -f1 | sort | uniq -c

this will give you each ip address followed by the number of occurences

if the above doesn't exclude the rest the log file then i'd probably use gawk/awk instead of cat to feed the above command line. i'm currently too fucked to be helpful on that front.

ps: i'm very drunk so there are probably large parts of this that are very very wrong

The problem is that it looks like your log file has a multi-character delimiter, namely " - ", which sort can't handle. I think you're looking for something like:

perl -ple '$_ = join("\t", (split(/ - /))[6,0])' data.txt | sort | uniq -c

where "6,0" is a list of the columns you're interested in, starting from zero. For graphing the results, Excel's probably the simplest route.

By the way, there are many reasons why multiple votes might come from the same IP address, including libraries, proxies, and anti-virus software.

eamon, she can use cut to cut out the fileds she doesn't care about, using -d " " as the delim

It's official, a drunk dodgy is more awake than a pooped-out-after-kid-party Dabitch. Maybe one should label kids with "do not operate heavy machinery after handling"? I reckon eamondaly makes sense too. :) Anyway, thanks so much, now that I've had some sleep and some coffe I can get to work! *mwah mwah*! Bless you all for your help. Seriously. I was so brainfried last night it wasn't even funny. killdevil asks "know any perl" and I'm ashamed to admit I even have a bit of a script tattooed on my arm, in perl. That's how fried my brain was, I didn't even think of using it.

By the way, there are many reasons why multiple votes might come from the same IP address, including libraries, proxies, and anti-virus software.

True, kids at small ad agencies were unhappy that their 12 machines had the same IP so they could only vote once, it's a crude way of trying to keep people from cheating, but easy.

heh, with cat log.txt | awk '{print $1 "\t " $10}'|grep question |sort -n | uniq -c |sort -nr | head -40 I disovered many many cheaters. Tssssk.

thanks for all your help guys. Really. Super!

cool. glad to help.