[squid-users] Long Group TAG in access.log when using kerberos
David Touzeau
david at articatech.com
Wed Jan 31 14:23:29 UTC 2024
Hi %note is used by our external_acls and for log other tokens
And we use also Group as token.
it can disabled by direcly removing source kerberos code before
compiling but i would like to know if there is another way
Le 31/01/2024 à 14:36, Andrey K a écrit :
> Hello, David,
>
> > Anyway to remove these entries from the log ?
> I think you should correct logformat directive in your squid
> configuration to disable annotations logging (%note):
> http://www.squid-cache.org/Doc/config/logformat/
>
> Kind regards,
> Ankor.
>
>
>
>
>
> ср, 31 янв. 2024 г. в 15:51, David Touzeau <david at articatech.com>:
>
> Anyway to remove these entries from the log ?
>
> Le 31/01/2024 à 10:01, Andrey K a écrit :
>> Hello, David,
>>
>> group values in your logs are BASE64-encoded binary AD-groups SIDs.
>> You can try to decode them by a simple perl script sid-reader.pl
>> <http://sid-reader.pl> (see below):
>>
>> echo AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEShhgBAA== | base64 -d | perl
>> sid-reader.pl <http://sid-reader.pl>
>>
>> And finally convert SID to a group name:
>> wbinfo -s S-01-5-21-407062282-1694779757-312552118-71814
>>
>> Kind regards,
>> Ankor
>>
>>
>> *sid-reader.pl <http://sid-reader.pl>:*
>> #!/usr/bin/perl
>> #https://lists.samba.org/archive/linux/2005-September/014301.html
>>
>> my $binary_sid;
>> my @parts;
>> while(<>){
>> push @parts, $_;
>> }
>> $binary_sid = join('', @parts);
>>
>> my($sid_rev, $num_auths, $id1, $id2, @ids) =
>> unpack("H2 H2 n N V*", $binary_sid);
>> my $sid_string = join("-", "S", $sid_rev, ($id1<<32)+$id2, @ids);
>> print "$sid_string\n";
>>
>>
>> вт, 30 янв. 2024 г. в 18:49, David Touzeau <david at articatech.com>:
>>
>>
>> Hi when using Kerberos with Squid when in access log a long
>> Group tags:
>>
>> I would like to know how to disable Squid to grab groups
>> suring authentication verification and in other way, how to
>> decode Group value
>>
>> example of an access.log
>>
>> |1706629424.779 130984 10.1.12.120 TCP_TUNNEL/500 5443
>> CONNECT eu-mobile.events.data.microsoft.com:443
>> <http://eu-mobile.events.data.microsoft.com:443> leblud
>> HIER_DIRECT/13.69.239.72:443 <http://13.69.239.72:443> -
>> mac="00:00:00:00:00:00"
>> user:%20leblud%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESBsMAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESBaAAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESj34AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESQbcAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESlPQAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESNZUAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES/MMAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESh5wAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESuc4AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESl8QAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES0AUBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESGnsAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESihgBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESnsEAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES8QYBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESNtcAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESX+0AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES8KMAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEShxUBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEShMcAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES0XgAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESMwIBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESQSUBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESAQIAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESufYAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESNAkBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESccMAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEStdYAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESFXkAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESb6EAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESFcAAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESluoAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESaLkAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESxY8AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES2cEAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESJ5wAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEST/MAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESLaEAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESlvQAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESPLkAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEShxgBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES98IAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEShPgAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESaHsAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESmegAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESiRgBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES/tgAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES5IEAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESN9cAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESbQEBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESjZwAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESmsQAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESvtIAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESGAEBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESePYAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESfp0AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESuj0AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESA8gAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES7p8AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESQuAAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESZ50AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESJ8AAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESdu0AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESjPYAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESgSUBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESs9YAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESCBQBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESjBgBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES4gIBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESVaUAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES730AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESiBgBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESGQgBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESttYAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES8P0AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES3g0BAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES2sMAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESaQ0BAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESuvsAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESKNEAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEShscAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESDTsAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES6HsAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESZ3sAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESTvMAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES3HgAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESJdkAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES5YcAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES6AUBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESd/YAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESUsQAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESz3gAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES2+0AAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEShhgBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESMLEAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESP+AAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESk/QAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESTfoAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESixgBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqEShccAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESVwoAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESQuwAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESA9AAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESQcMAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES0QUBAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESQOAAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESu5wAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESYcIAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESE9MAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES7oQAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES9YQAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES9oQAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESd5EAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES84QAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES8oQAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqES74QAAA==%0D%0Agroup:%20AQUAAAAAAAUVAAAACkdDGG1JBGW2KqESgHsAAA==%0D%0Agroup:%20AQEAAAAAABIBAAAA%0D%0Aaccessrule:%20final_allow%0D%0Afirst:%20ERROR%0D%0Awebfilter:%20pass%0D%0Aexterr:%20invalid_code_431%0D%0A
>> ua="-" exterr="-|-"|
>>
>> --
>> David Touzeau - Artica Tech France
>> Development team, level 3 support
>> ----------------------------------
>> P: +33 6 58 44 69 46
>> www:https://wiki.articatech.com
>> www:http://articatech.net
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> https://lists.squid-cache.org/listinfo/squid-users
>>
>
> --
> David Touzeau - Artica Tech France
> Development team, level 3 support
> ----------------------------------
> P: +33 6 58 44 69 46
> www:https://wiki.articatech.com
> www:http://articatech.net
>
--
David Touzeau - Artica Tech France
Development team, level 3 support
----------------------------------
P: +33 6 58 44 69 46
www:https://wiki.articatech.com
www:http://articatech.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20240131/3e152915/attachment-0001.htm>
More information about the squid-users
mailing list