The format we're using for the access log is Common Log Format, a standard web server log format used across many systems.
The second field is the RFC 1413 IDENT of the remote user. This protocol is no longer in use on the modern Internet, and is not configured to be used at all on our servers, so this field will always be empty (represented as a dash).
The third field represents the active username if the user has authenticated themseves to the server using a HTTP username and password. This only really comes into play if you have set up password-protected directories, WebDAV, or SVN under your domain; in all other cases, it is blank (again, represented as a dash).