Apache's mod_usertrack gives you the ability to log session cookies.

Update: Do you have mod_log_config available? It has a deprecated interface to cookies.

After Compline,
Zaxo

Yes, that's typically the way to do it. Or you can just roll your own. All this module does is send a cookie with a unique ID to anyone who comes in without one. Then you use a custom log format to log the cookie as part of each access, giving you a unique ID to trace. People can still browse the site if they don't accept the cookie, so it's not a terrible thing to do.

Apache's mod_usertrack gives you the ability to log session cookies.

If I move the site to a colo box, that's what I'll do. For the moment, though, it's hosted at an ISP that doesn't support mod_usertrack, so I'm looking for downstream (logfile-based) options.

It might have been in the mod_perl book, or perhaps his Net::* book.

-- Randal L. Schwartz, Perl hacker

I agree that mod_usertrack is the Right Way™ to do it; it's too bad you don't have that luxury.

Are you sure you need that sort of granularity though?

If the site gets a reasonable amount of traffic and you log referrers you might consider just analyzing the aggregated data. Unless you are looking for something very specific or need it for debugging, it's likely that you'll find yourself munging your click trail data down to something that looks like referrer logs in order to gather statistics on it anyway.

-sauoq
"My two cents aren't worth a dime.";

perhaps you can clarify your definition of "session" a bit.

~Particle *accelerates*

A "session" is the sequence of pages that a given user visits during a browser session. I'm interested in looking at the paths people take through the site, so that I can answer some basic usability questions based on what percentage of users do certain things. Since a "browser session" is hard to quantify, I've arbitrarily decided that a new session starts when N minutes have elapsed since the last page fetch.

Much of the site is static, leaving no easy way to track a session id. And the site is hosted, cutting off the opportunity of doing nifty things with Apache. I have to rely on server logs.

You say you can only go on what is in the logs. Can you tell us what your web server is logging? It might be helpful to your cause if the referrer is being logged. This is the way apache comes on my debian machine.

Can you tell us what your web server is logging? It might be helpful to your cause if the referrer is being logged.

Standard, out-of-the-box Apache logs. I do notice that I'm not getting referrer info in all cases, and suspect that there may be firewalls/proxies that are stripping it off in some cases, so I can't reliably use the referrer to chain together requests.