|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Read squid.cache.documented carefully again: # LOGFILE OPTIONS # ----------------------------------------------------------------------------- # TAG: logformat # Usage: # # logformat <name> <format specification> # # Defines an access log format. # # The <format specification> is a string with embedded % format codes # # % format codes all follow the same basic structure where all but # the formatcode is optional. Output strings are automatically escaped # as required according to their context and the output format # modifiers are usually not needed, but can be specified if an explicit # output format is desired. # # % ["|[|'|#] [-] [[0]width] [{argument}] formatcode # # " output in quoted string format # [ output in squid text log format as used by log_mime_hdrs # # output in URL quoted format # ' output as-is # # - left aligned # # width minimum and/or maximum field width: # [width_min][.width_max] # When minimum starts with 0, the field is zero-padded. # String values exceeding maximum width are truncated. # # {arg} argument such as header name etc # # Format codes: # # % a literal % character # sn Unique sequence number per log line entry # err_code The ID of an error response served by Squid or # a similar internal error identifier. # err_detail Additional err_code-dependent error information. # note The annotation specified by the argument. Also # logs the adaptation meta headers set by the # adaptation_meta configuration parameter. # If no argument given all annotations logged. # The argument may include a separator to use with # annotation values: # name[:separator] # By default, multiple note values are separated with "," # and multiple notes are separated with "\r\n". # When logging named notes with %{name}note, the # explicitly configured separator is used between note # values. When logging all notes with %note, the # explicitly configured separator is used between # individual notes. There is currently no way to # specify both value and notes separators when logging # all notes with %note. # # Connection related format codes: # # >a Client source IP address # >A Client FQDN # >p Client source port # >eui Client source EUI (MAC address, EUI-48 or EUI-64 identifier) # >la Local IP address the client connected to # >lp Local port number the client connected to # >qos Client connection TOS/DSCP value set by Squid # >nfmark Client connection netfilter mark set by Squid # # la Local listening IP address the client connection was connected to. # lp Local listening port number the client connection was connected to. # # <a Server IP address of the last server or peer connection # <A Server FQDN or peer name # <p Server port number of the last server or peer connection # <la Local IP address of the last server or peer connection # <lp Local port number of the last server or peer connection # <qos Server connection TOS/DSCP value set by Squid # <nfmark Server connection netfilter mark set by Squid # # Time related format codes: # # ts Seconds since epoch # tu subsecond time (milliseconds) # tl Local time. Optional strftime format argument # default %d/%b/%Y:%H:%M:%S %z # tg GMT time. Optional strftime format argument # default %d/%b/%Y:%H:%M:%S %z # tr Response time (milliseconds) # dt Total time spent making DNS lookups (milliseconds) # tS Approximate master transaction start time in # <full seconds since epoch>.<fractional seconds> format. # Currently, Squid considers the master transaction # started when a complete HTTP request header initiating # the transaction is received from the client. This is # the same value that Squid uses to calculate transaction # response time when logging %tr to access.log. Currently, # Squid uses millisecond resolution for %tS values, # similar to the default access.log "current time" field # (%ts.%03tu). # # Access Control related format codes: # # et Tag returned by external acl # ea Log string returned by external acl # un User name (any available) # ul User name from authentication # ue User name from external acl helper # ui User name from ident # un A user name. Expands to the first available name # from the following list of information sources: # - authenticated user name, like %ul # - user name supplied by an external ACL, like %ue # - SSL client name, like %us # - ident user name, like %ui # credentials Client credentials. The exact meaning depends on # the authentication scheme: For Basic authentication, # it is the password; for Digest, the realm sent by the # client; for NTLM and Negotiate, the client challenge # or client credentials prefixed with "YR " or "KK ". # # HTTP related format codes: # # REQUEST # # [http::]rm Request method (GET/POST etc) # [http::]>rm Request method from client # [http::]<rm Request method sent to server or peer # [http::]ru Request URL from client (historic, filtered for logging) # [http::]>ru Request URL from client # [http::]<ru Request URL sent to server or peer # [http::]>rs Request URL scheme from client # [http::]<rs Request URL scheme sent to server or peer # [http::]>rd Request URL domain from client # [http::]<rd Request URL domain sent to server or peer # [http::]>rP Request URL port from client # [http::]<rP Request URL port sent to server or peer # [http::]rp Request URL path excluding hostname # [http::]>rp Request URL path excluding hostname from client # [http::]<rp Request URL path excluding hostname sent to server or peer # [http::]rv Request protocol version # [http::]>rv Request protocol version from client # [http::]<rv Request protocol version sent to server or peer # # [http::]>h Original received request header. # Usually differs from the request header sent by # Squid, although most fields are often preserved. # Accepts optional header field name/value filter # argument using name[:[separator]element] format. # [http::]>ha Received request header after adaptation and # redirection (pre-cache REQMOD vectoring point). # Usually differs from the request header sent by # Squid, although most fields are often preserved. # Optional header name argument as for >h # # # RESPONSE # # [http::]<Hs HTTP status code received from the next hop # [http::]>Hs HTTP status code sent to the client # # [http::]<h Reply header. Optional header name argument # as for >h # # [http::]mt MIME content type # # # SIZE COUNTERS # # [http::]st Total size of request + reply traffic with client # [http::]>st Total size of request received from client. # Excluding chunked encoding bytes. # [http::]<st Total size of reply sent to client (after adaptation) # # [http::]>sh Size of request headers received from client # [http::]<sh Size of reply headers sent to client (after adaptation) # # [http::]<sH Reply high offset sent # [http::]<sS Upstream object size # # [http::]<bs Number of HTTP-equivalent message body bytes # received from the next hop, excluding chunked # transfer encoding and control messages. # Generated FTP/Gopher listings are treated as # received bodies. # # # TIMING # # [http::]<pt Peer response time in milliseconds. The timer starts # when the last request byte is sent to the next hop # and stops when the last response byte is received. # [http::]<tt Total time in milliseconds. The timer # starts with the first connect request (or write I/O) # sent to the first selected peer. The timer stops # with the last I/O with the last peer. # # Squid handling related format codes: # # Ss Squid request status (TCP_MISS etc) # Sh Squid hierarchy status (DEFAULT_PARENT etc) # # SSL-related format codes: # # ssl::bump_mode SslBump decision for the transaction: # # For CONNECT requests that initiated bumping of # a connection and for any request received on # an already bumped connection, Squid logs the # corresponding SslBump mode ("server-first" or # "client-first"). See the ssl_bump option for # more information about these modes. # # A "none" token is logged for requests that # triggered "ssl_bump" ACL evaluation matching # either a "none" rule or no rules at all. # # In all other cases, a single dash ("-") is # logged. # # ssl::>sni SSL client SNI sent to Squid. Available only # after the peek, stare, or splice SSL bumping # actions. # # If ICAP is enabled, the following code becomes available (as # well as ICAP log codes documented with the icap_log option): # # icap::tt Total ICAP processing time for the HTTP # transaction. The timer ticks when ICAP # ACLs are checked and when ICAP # transaction is in progress. # # If adaptation is enabled the following three codes become available: # # adapt::<last_h The header of the last ICAP response or # meta-information from the last eCAP # transaction related to the HTTP transaction. # Like <h, accepts an optional header name # argument. # # adapt::sum_trs Summed adaptation transaction response # times recorded as a comma-separated list in # the order of transaction start time. Each time # value is recorded as an integer number, # representing response time of one or more # adaptation (ICAP or eCAP) transaction in # milliseconds. When a failed transaction is # being retried or repeated, its time is not # logged individually but added to the # replacement (next) transaction. See also: # adapt::all_trs. # # adapt::all_trs All adaptation transaction response times. # Same as adaptation_strs but response times of # individual transactions are never added # together. Instead, all transaction response # times are recorded individually. # # You can prefix adapt::*_trs format codes with adaptation # service name in curly braces to record response time(s) specific # to that service. For example: %{my_service}adapt::sum_trs # # If SSL is enabled, the following formating codes become available: # # %ssl::>cert_subject The Subject field of the received client # SSL certificate or a dash ('-') if Squid has # received an invalid/malformed certificate or # no certificate at all. Consider encoding the # logged value because Subject often has spaces. # # %ssl::>cert_issuer The Issuer field of the received client # SSL certificate or a dash ('-') if Squid has # received an invalid/malformed certificate or # no certificate at all. Consider encoding the # logged value because Issuer often has spaces. # # The default formats available (which do not need re-defining) are: # #logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<a %mt #logformat common %>a %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %Ss:%Sh #logformat combined %>a %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh #logformat referrer %ts.%03tu %>a %{Referer}>h %ru #logformat useragent %>a [%tl] "%{User-Agent}>h" # # NOTE: When the log_mime_hdrs directive is set to ON. # The squid, common and combined formats have a safely encoded copy # of the mime headers appended to each line within a pair of brackets. # # NOTE: The common and combined formats are not quite true to the Apache definition. # The logs from Squid contain an extra status and hierarchy code appended. # #Default: # The format definitions squid, common, combined, referrer, useragent are built in. # TAG: access_log # Configures whether and how Squid logs HTTP and ICP transactions. # If access logging is enabled, a single line is logged for every # matching HTTP or ICP request. The recommended directive formats are: # # access_log <module>:<place> [option ...] [acl acl ...] # access_log none [acl acl ...] # # The following directive format is accepted but may be deprecated: # access_log <module>:<place> [<logformat name> [acl acl ...]] # # In most cases, the first ACL name must not contain the '=' character # and should not be equal to an existing logformat name. You can always # start with an 'all' ACL to work around those restrictions. # # Will log to the specified module:place using the specified format (which # must be defined in a logformat directive) those entries which match # ALL the acl's specified (which must be defined in acl clauses). # If no acl is specified, all requests will be logged to this destination. # # ===== Available options for the recommended directive format ===== # # logformat=name Names log line format (either built-in or # defined by a logformat directive). Defaults # to 'squid'. # # buffer-size=64KB Defines approximate buffering limit for log # records (see buffered_logs). Squid should not # keep more than the specified size and, hence, # should flush records before the buffer becomes # full to avoid overflows under normal # conditions (the exact flushing algorithm is # module-dependent though). The on-error option # controls overflow handling. # # on-error=die|drop Defines action on unrecoverable errors. The # 'drop' action ignores (i.e., does not log) # affected log records. The default 'die' action # kills the affected worker. The drop action # support has not been tested for modules other # than tcp. # # ===== Modules Currently available ===== # # none Do not log any requests matching these ACL. # Do not specify Place or logformat name. # # stdio Write each log line to disk immediately at the completion of # each request. # Place: the filename and path to be written. # # daemon Very similar to stdio. But instead of writing to disk the log # line is passed to a daemon helper for asychronous handling instead. # Place: varies depending on the daemon. # # log_file_daemon Place: the file name and path to be written. # # syslog To log each request via syslog facility. # Place: The syslog facility and priority level for these entries. # Place Format: facility.priority # # where facility could be any of: # authpriv, daemon, local0 ... local7 or user. # # And priority could be any of: # err, warning, notice, info, debug. # # udp To send each log line as text data to a UDP receiver. # Place: The destination host name or IP and port. # Place Format: //host:port # # tcp To send each log line as text data to a TCP receiver. # Lines may be accumulated before sending (see buffered_logs). # Place: The destination host name or IP and port. # Place Format: //host:port # # Default: # access_log daemon:/usr/local/squid/var/logs/access.log squid #Default: # access_log daemon:/usr/local/squid/var/logs/access.log squid You can define any custom access.log, for example, and write this custom log at the same time. 27.04.16 1:20, Aashima Madaan пишет: > Hey, > > I have kept squid between a proxy and a server. Requests and response pass from proxy to squid to server and back. > > Does squid has any other logs except cache.log and access.log? are there any ways to improve squid logging or enable any debug logs? > > Thanks > Aashima > > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXH8JPAAoJENNXIZxhPexGB88H/2wnTr0o3K/A9hkHcMHzE/fj CzOOL5B0YYijwk4m+8UBqmBkt6WQVc5AeWASmzHsxjh6/wqRK8up8dOmgS7uSbI+ wM+5c8AhvcBQlMkHQB58bMbcBKjxZVFeo/YYD8iglZ/o95Fflv+6d+Tv2Wh0s7Bb iKN2riLryC244OciEiNTjU9TpaofsmOAGvTddoJerZse43Az9av7B4xLWfhs6NRs LY6zk1Rj/QXF/U1CH9Lnxs84LfyuPDXuC1q+/jfYgbr7f1UZPrOV7wuQo7DksmHi V3T53mfg2qRqShjo/Ezxc+YMkfgmouGR4Nz2UQekOfphFqrHNCuB6Jmyh3NkaiA= =rx3x -----END PGP SIGNATURE----- |
Attachment:
0x613DEC46.asc
Description: application/pgp-keys
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
