On 1/16/20 3:06 AM, Kornexl, Anton wrote: > I see many requests with CONNECT https:443 in my access.log > How are these entries triggered? These records are logged when your Squid is done with an HTTP CONNECT tunnel or after Squid intercepts a TLS connection. In very broad terms, they are a sign that your Squid participates in HTTPS transactions. Normally, there should be more than "https:443" in those CONNECT records. > They produce errors in some accounting scripts Consider either fixing the scripts or, if losing information about CONNECT tunnels is acceptable to your accounting, filtering CONNECT records out before giving the logs to the scripts. You can also configure Squid to stop logging CONNECT transactions (using access_log ACLs), but I do not recommend hiding the truth that may be critical in a triage. HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
