[EMAIL PROTECTED] wrote:
> Hi,
>
> I have seen a message here earlier about the LOGFORMAT line for Squid's
> access.log. But I couldn't find any response...
>
> Any ideas?
>
> P.S.: Comments on using Analog with Squid's access.log welcome...
>
I just installed Squid yesterday on 0our system here, but haven't had a
chance to look at running the logs through analog. You could try setting
the squid log to Common Log Format. Otherwise, I think it should be fairly
easy to set up a custom LOGFORMAT.
The output seems to be ...
922116751.519 3 123.45.67.89 TCP_DENIED/403 986 GET
http://www.edin.gov.uk/ - NONE/- -
for a denied access message, and ...
922118591.218 251 123.45.67.89 TCP_HIT/200 19371 GET
ftp://src.doc.ic.ac.uk/ - NONE/- text/html
for a successful one.
The problem could be converting the UNIX format date and time. The CLF
produced seems to be slightly non standard with an extra field at the end
...
123.45.67.89 - - [23/Mar/1999:08:09:17 +0000] "GET
ftp://ftp.syntrillium.com/pub/cool_edit/c96setup.exe HTTP/1.0" 200 2179236
TCP_MISS:DIRECT
Wallace.
--
======================================================================
Wallace Nicoll [EMAIL PROTECTED]
City of Edinburgh Council IT Services,
Chesser House, 500 Gorgie Road, Phone : 0131 469 5343
Edinburgh, EH11 3YJ, Scotland Fax : 0131 469 5335
======================================================================
--------------------------------------------------------------------
This is the analog-help mailing list. To unsubscribe from this
mailing list, send mail to [EMAIL PROTECTED]
with "unsubscribe analog-help" in the main BODY OF THE MESSAGE.
--------------------------------------------------------------------
