Access Log File Format
The current access log file formats (types 5, 6, 7, 8) are laid out as follows:
- Fields are tab delimited.
- If usedashforblank is 'on' (default setting) blank fields are shown as '-' for better human readability.
- Extra fields in log formats type 7,8 are given at end.
- Time stamp(s) - Timestamp when request is completed in utime format - this format is easier to parse and to sort/merge logs.
- e2g server name (blanked in log formats 6 and 8)
- User name (note this will show IP or port number when these are used for authentication and no user name is available)
- Client IP (if logclientnameandip = 'off' this field is skipped)
- Client host name (if logclienthostnames = 'on' show DNS reverse look-up, otherwise show client IP)
- URL requested
- Type of request (GET, POST, etc)
- HTTP response code (200 = OK, etc)
- Size of response in bytes
- Mime type
- User agent (if loguseragent is 'on' - otherwise blank)
- Squid result code - not used - always blank
- Duration - length of time (in milliseconds) for request to complete.
- Squid peer code - not used - always blank
- E2g message number (0 if no message)
- E2g message in local language.
- Block type - 0 = normal block (or no block), 1 = blocked by external scanner
- Category matched
- Filter group name
- Filter group number

In v5.4 log formats 7, 8 have the following extra fields added:
- Search terms - words searched - applies only to defined search sites
- Extension combination field - more about this field can be found in the notes for the v5.4 release
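
A parser for the field layout listed above, as an added example (not code from the e2guardian project). The snake_case field names, the `parse_line` signature and the sample line are constructed for illustration; it assumes that with logclientnameandip = 'off' the client IP column is absent from the line rather than empty, and it keeps the timestamp as a string.

```python
# Field order as listed on this page; the snake_case names are chosen for this example.
BASE_FIELDS = [
    "timestamp", "server", "user", "client_ip", "client_host", "url",
    "method", "status", "size", "mime_type", "user_agent", "squid_result",
    "duration_ms", "squid_peer", "message_no", "message", "block_type",
    "category", "group_name", "group_no",
]
EXTRA_FIELDS = ["search_terms", "extension"]  # log formats 7 and 8 only
INT_FIELDS = {"status", "size", "duration_ms", "message_no", "block_type", "group_no"}


def parse_line(line, log_format=5, client_ip_logged=True, dash_for_blank=True):
    """Parse one tab-delimited access log line into a dict.

    Assumption: with logclientnameandip = 'off' the client IP column is
    absent from the line rather than left empty.
    """
    if log_format not in (5, 6, 7, 8):
        raise ValueError(f"unsupported log format {log_format}")
    names = list(BASE_FIELDS)
    if not client_ip_logged:
        names.remove("client_ip")
    if log_format in (7, 8):
        names += EXTRA_FIELDS
    values = line.rstrip("\r\n").split("\t")
    # URL and user agent are client-supplied: reject a line whose column
    # count is off instead of guessing which field the extra data belongs to.
    if len(values) != len(names):
        raise ValueError(f"expected {len(names)} fields, got {len(values)}")
    record = {}
    for name, value in zip(names, values):
        if value == "" or (dash_for_blank and value == "-"):
            value = None          # blank field
        elif name in INT_FIELDS:
            value = int(value)    # raises ValueError on a non-numeric value
        record[name] = value
    return record


# Constructed format 7 sample line (not from a real log; all values are made up).
SAMPLE = "\t".join([
    "1700000000.123", "filter1", "alice", "192.0.2.10", "192.0.2.10",
    "http://example.com/search?q=test", "GET", "403", "0", "-", "-", "-",
    "12", "-", "500", "Example message", "0", "Example category",
    "Default", "1", "test", "-",
])
```

Pass the same `log_format`, `client_ip_logged` and `dash_for_blank` values that the server producing the log is configured with, otherwise the column count check rejects every line.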