[squid-users] filter access.log

Wesley Mouedine Assaby squid at loel.fr
Fri Aug 28 07:18:09 UTC 2020


Hi,

I have the following logs :

1598547651.549 120818 192.168.100.105 TCP_TUNNEL/200 3234 CONNECT 
dmp.re:443 ericf HIER_DIRECT/213.186.33.2 -
1598547651.549 120726 192.168.100.105 TCP_TUNNEL/200 3234 CONNECT 
www.dmp.re:443 ericf HIER_DIRECT/213.186.33.2 -
1598547652.325      0 192.168.100.109 TCP_DENIED/407 3881 CONNECT 
g.live.com:443 - HIER_NONE/- text/html
1598547654.216     25 192.168.100.109 TCP_MISS/200 4973 GET 
http://192.168.100.89/nagios/cgi-bin/status.cgi? ericf 
HIER_DIRECT/192.168.100.89 text/html
1598547662.424      0 192.168.100.109 TCP_DENIED/407 3881 CONNECT 
g.live.com:443 - HIER_NONE/- text/html
1598547664.937     26 192.168.100.109 TCP_MISS/200 4978 GET 
http://192.168.100.89/nagios/cgi-bin/status.cgi? ericf 
HIER_DIRECT/192.168.100.89 text/html
1598547671.345 110538 192.168.100.116 TCP_TUNNEL/200 55246 CONNECT 
login.live.com:443 ericf HIER_DIRECT/40.90.22.187 -
1598547672.565      0 192.168.100.109 TCP_DENIED/407 4228 CONNECT 
g.live.com:443 - HIER_NONE/- text/html
1598547675.655     25 192.168.100.109 TCP_MISS/200 4974 GET 
http://192.168.100.89/nagios/cgi-bin/status.cgi? ericf 
HIER_DIRECT/192.168.100.89 text/html
1598547676.192      0 192.168.100.109 TCP_DENIED/407 3881 CONNECT 
g.live.com:443 - HIER_NONE/- text/html

Is it possible to remove log that is not authenticated (ldap) ?
I mean these lines :  *- HIER_NONE/- text/html$

Thank's!

-- Eric


More information about the squid-users mailing list