Skip to content

Access Log File Format

Jump to bottom
Philip Pearce edited this page Jan 4, 2021 · 1 revision

Log File Format

The log file format for the current log file format (types 5,6,7,8) follows:

  • Fields are tab delimited.

  • If usedashforblank is 'on' (default setting) blank fields are shown as '-' for better human readability.

  • Extra fields in log formats type 7,8 are given at end.

  1. Time stamp(s) - Timestamp when request is completed in utime format - this format is easier to parse and to sort/merge logs.

  2. e2g server name (blanked in log formats 6 and 8)

  3. User name (note this will show ip or port number when these are used for authentication and no user name is available)

  4. Client IP (if logclientnameandip = 'off' this field is skipped)

  5. Client host name (if logclienthostnames = 'on' show DNS reverse look-up, otherwise show client IP)

  6. URL requested

  7. Type of request (GET, POST, etc)

  8. HTTP response code (200 = OK, etc)

  9. Size of response in bytes

  10. Mime type

  11. User agent (if loguseragent is 'on' - otherwise blank)

  12. Squid result code - not used - always blank

  13. Duration - length of time (in milliseconds) for request to complete.

  14. Squid peer code - not used - always blank

  15. E2g message number ( 0 if no message)

  16. E2g Message in local language.

  17. Block type - 0 = normal block (or no block), 1 = blocked by external scanner

  18. Category matched

  19. Filter group name

  20. Filter group number

In v5.4 log formats 7, 8 have the following extra fields added:

  1. Search terms - words searched - applies only to defined search sites

  2. Extension combination field - more can be found on this field at the notes in the v5.4 release

Clone this wiki locally