I have 2 types of users I want to differentiate between in my squid access log: 1) requests thru a browser running on the server, and 2) requests through an ssh tunnelled connection into the server both are logged with IP 127.0.0.1. And using user authentication is not really an option due to the nature of those 2 connection types (right?) The only way I know of is to turn on "log_mime_hdrs" in squid.conf so that my log analyzer can use HTTP_USER_AGENT, but there is so much extra header info that access.log gets prohibitively large. Although this would be fine if there were a way to have squid ONLY write the HTTP_USER_AGENT header to access.log Is there any other way to get squid to differentiate those 2 request types in access.log? __________________________________ Do you Yahoo!? Yahoo! Mail - Easier than ever with enhanced search. Learn more. http://info.mail.yahoo.com/mail_250
