Hi everyone, I have what will probably be a pretty simple question... unfortunately I need to provide a few details to help explain what I'm trying to do and why. One of the big uses of Squid to our managers is seeing how much time employees are spending on the internet. To that extent, we've got Squint installed for analyzing our logs and generating a shiny report that does exactly that, and can be viewed in an html document hosted right on the Squid box. Works great. We also authenticate with LDAP so requests can be tied to user credentials in Squid. Again, works great. Here's where the minor hiccup comes in: I have an acl called 'passthrough' which is basically a list of domains/keywords/etc that the proxy server will allow requests for without prompting the user for their credentials. This comes in handy for programs that like to check for updates online, like Adobe Reader and iTunes. Unfortunately for my purposes, requests that go through unauthenticated are recorded in access.log by requestor IP address, which subsequently gets parsed by Squint and adds gobs of useless information to the report. So, my question: Is there any way to get Squid to exclude certain types of records from access.log? Or would I be better off just beefing up our PAC file to send these 'passthrough' requests around the proxy? On second thought, I suppose I could just write and cron a perl script that nukes lines containing an IP in our DHCP range right before Squint updates. That feels messy though :) Thanks everyone! Jack -------------------------------------------------------- This message (and any associated files) is the property of S. R. Weiner and Associates Inc. and W/S Development Associates LLC and is intended only for the use of the individual or entity to which it is addressed and may contain information that is confidential, subject to copyright or constitutes a trade secret. If you are not the intended recipient you are hereby notified that any dissemination, copying or distribution of this message, or files associated with this message, is strictly prohibited. If you have received this message in error, please notify us immediately by calling our corporate office at 617-232-8900 and deleting this message from your computer. Internet communications cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Therefore, S. R. Weiner and Associates, Inc. and W/S Development Associates LLC do not accept responsibility for any errors or omissions that are present in this message, or any attachment, that have arisen as a result of e-mail transmission. If verification is required, please request a hard-copy version of this message. Any views or opinions presented in this message are solely those of the author and do not necessarily represent those of the company.
