# squid -v
Squid Cache: Version 2.6.STABLE21
squidの構文の確認
squid -k parse
テストURL
http://search.yahoo.co.jp/search?p=gppppppppppppppppppppppp
■普通の状態のsquidのログ
1453461548.114 854 127.0.0.1 TCP_MISS/200 9257 GET http://search.yahoo.co.jp/search? - DIRECT/124.83.241.187 text/html1453461574.865 395 127.0.0.1 TCP_MISS/200 9257 GET http://search.yahoo.co.jp/search? - DIRECT/124.83.241.187 text/html
■logformatの成型
/etc/squid/squid.conf の修正logformatの追加
## Native log file format Without Header:
logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
squidのログ
1453941569.392 400 127.0.0.1 TCP_MISS/200 9156 GET http://search.yahoo.co.jp/search? - DIRECT/182.22.11.60 text/html
※squid 2.x系 3.x系 デフォルト
## Native log file format With Header:
logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
squidのログ
1453461973.237 426 127.0.0.1 TCP_MISS/200 9257 GET http://search.yahoo.co.jp/search? - DIRECT/124.83.241.187 text/html [User-Agent: Wget/1.11.4 Red Hat modified\r\nAccept: */*\r\nHost: search.yahoo.co.jp\r\n] [HTTP/1.0 200 OK\r\nServer: ATS\r\nDate: Fri, 22 Jan 2016 11:26:17 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nP3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"\r\nCache-Control: private\r\nVary: Accept-Encoding\r\nAge: 1\r\nConnection: close\r\n\r]
おまけ検証 - Full URLを取るために、%ru に" "は必要か
Pattern#1 %ru なしlogformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
squidのログ
1453896839.759 1257 127.0.0.1 TCP_MISS/200 9157 GET http://search.yahoo.co.jp/search?p=gppppppppppppppppppppppp - DIRECT/182.22.11.123 text/html [User-Agent: Wget/1.11.4 Red Hat modified\r\nAccept: */*\r\nHost: search.yahoo.co.jp\r\n] [HTTP/1.0 200 OK\r\nServer: ATS\r\nDate: Wed, 27 Jan 2016 12:13:59 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nP3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"\r\nCache-Control: private\r\nVary: Accept-Encoding\r\nAge: 1\r\nConnection: close\r\n\r]
Pattern#2 "%ru" あり
logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm "%ru" %un %Sh/%<A %mt [%>h] [%<h]
squidのログ
1453896953.718 496 127.0.0.1 TCP_MISS/200 9158 GET "http://search.yahoo.co.jp/search?p=gppppppppppppppppppppppp" - DIRECT/182.22.11.124 text/html [User-Agent: Wget/1.11.4 Red Hat modified\r\nAccept: */*\r\nHost: search.yahoo.co.jp\r\n] [HTTP/1.0 200 OK\r\nServer: ATS\r\nDate: Wed, 27 Jan 2016 12:15:53 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nP3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"\r\nCache-Control: private\r\nVary: Accept-Encoding\r\nAge: 0\r\nConnection: close\r\n\r]
[結果]必要ないと思われる
■squid のログをsyslogに出力する(v2.6 以下)
/etc/squid/squid.conf の修正access_log /var/log/squid/access.log squid
#以下の追加
access_log syslog squid
squidのリロード(confの再読み込み)
/etc/init.d/squid reload
0 件のコメント:
コメントを投稿