My previous e-mail bounced back. <squid-users@xxxxxxxxxxxxxxx>: Mail server for "squid-cache.org" unreachable for too long So reposting, sorry if already it had reached the group. ----- Original Message ----- > From: Amos Jeffries <squid3@xxxxxxxxxxxxx> >> On 20/07/2013 2:04 p.m., Amm wrote: >> Hello, >> >> Squid already has option to log FULL query. i.e strip_query_terms off. >> >> I would like to know is there any way to log FULL query only for particular > acl? > Not in the existing Squid. > > It could be added fairly easily, but the utility of doing it is very > small. The major gain from stripping such terms is to protect stupid > security systems which do things like place credentials or users private > details in the query-string portion of URLs. Yes that is why I am asking, I do not want to log everything, just search queries made. So basically do not want to violate privacy of anyone. If it is easy to add, can you provide some hints on which files or what functions to change? >> I am asking this because, I do not want log file to get full by recording >> everything, just wanted queries recorded for few cases. > If you are worried about query-string filling logs then you have bigger > problems. A simple flood of rejected requests could dump far more > content into your logs than query-strings on normal traffic do. No I am not worried about someone trying to flood. But why record unwanted things? With acl based recording, only selected stuff can be recorded. It will also save disk I/Os and disk space. There will be hardly 100 search requests in average 100000 lines of log. So logging everything just for 100 search queries is excessive. That is why I was looking for this feature. > If this is an actual problem I suggest looking at making yourself a > daemon helper, you can do anything you like with the log lines in the > daemon. Our squid-3.3 daemon does some basic checks on file size and > rotates the logs if they get too big, in addition to the squid-requested > rotations. > Or one of the other network I/O logging modules can send logs to a > machine with more space available. Writing helper etc for small thing is a big ask. But if simple acl based filtering can be implemented it would be great and in my opinion best place to do. > Amos Thanks for your replies. Amm