Tuesday, June 11, 2013

Squid Access Log Customization (Date & Time Stamp)

Subject: Adding date & time in squid access log file

By default, squid don't allow you to view "date & time stamp" of currently accessed websites & google searches. But, you may edit "/etc/squid/squid.conf" file to allow the same by modifying below lines.

I. Open your squid.conf and search for the line that starts with access_log or cache_access_log and looks like:


access_log /var/log/squid/access.log squid


II. Note the last keyword (in this case squid, but it could be common, combined, squidmime)

III. Then look for the line that starts with logformat. In my case, it has shown below.

logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %


By default, it is commented. Just need to replace above shown line with below.

logformat squid %tl %6tr %>a %Ss/%03Hs %

Note: You can take a look at squid.conf.default that comes with squid and it's well documented to see other available options for customizing your logs.

Finally, restart/reload squid service & execute below command to verify the configuration of "Date & Time" stamp. Sample example is as given below.

tail -f /var/log/squid/access.log

11/Jun/2013:13:53:47 +0530     22 10.101.19.147 TCP_MEM_HIT/200 2677 GET http://i8.dainikbhaskar.com/thumbnail/69x60/web2images/www.divyabhaskar.co.in/2013/06/10/5548_joke-7.jpg - NONE/- image/jpeg

11/Jun/2013:13:53:49 +0530    569 10.101.19.147 TCP_MISS/200 4881 GET http://i8.dainikbhaskar.com/thumbnail/120x104/web2images/www.divyabhaskar.co.in/2013/06/10/4459_yadav8.jpg - DIRECT/80.150.193.186 image/jpeg




Regards,
Nishith N.Vyas



2 comments:

  1. Please let me know, how to add the "Total Size of Request received from client" in squid.

    ReplyDelete