Re: [squid-users] Selective Logging

From: Robert Collins <robert.collins@dont-contact.us>
Date: Tue, 5 Jun 2001 19:09:03 +1000

----- Original Message -----
From: "Simon Allenby" <simona@projtel.co.uk>
To: "Joe Cooper" <joe@swelltech.com>
Cc: "Squid Users" <squid-users@squid-cache.org>
Sent: Tuesday, June 05, 2001 6:43 PM
Subject: Re: [squid-users] Selective Logging

> >Shouldn't be too difficult to make a simple perl script to pull out
only
> >external requests. As far as I know, without attacking the Squid
code,
> >you won't be able to use ACLs for logging decisions. A perl script
> >would be a lot easier, and work just fine.
>
>
> The only problem I have with this is ownership of the file. I run
Squid with
> an effective user of squid, not root. When I run the file through a
> filtering script either as root, or even su'd to squid, the ownership
of the
> access log changes to root, and squid throws it's teddies out of it's
cot
> because it then can't write to the file. I appreciate that I can then
change
> the ownership of the file back to squid upon completion, but this is
not
> only a pain, but runs the risk of missing log entries while the filter
runs.
> Also, as log files grow, the size of the file this script has to deal
with
> grows to a large size. I run webalizer on the stats, and gather a
month's
> log at a time. By the end of the month, the log file can be huge, and
any
> processing of it is likely to take a while, meaning that more hits are
> likely to be lost. I would prefer not to upset Squid more than is
neccessary
> too...

Here's a hint:
Log rotation is your friend. Filter your logs _after_ they are no longer
the active log. Then no log entires are missed under any circumstances,
and your issues with ownership go away.

Rob

>
> Is this the only way, or does anybody have any further
comments/suggestions?
>
> As ever, any thoughts are appreciated.
>
> Simon
>
> ------------------------------------------------------------
> Simon Allenby - IT - Project Telecom
> email - simona@projtel.co.uk
> Direct line 01636 615200
>
>
> ------------------------------------------------------------
> This communication is confidential and is intended
> only for the person to whom it is addressed.
> If you are not that person you are not permitted to
> make use of the information and you are requested
> to destroy the copy in your possession immediately.
> ------------------------------------------------------------
>
Received on Tue Jun 05 2001 - 03:09:20 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:28 MST