Hi everybody.
We installed squid 2.5 a few months ago and we are in need of help.
Using Perl, I am trying to determine the time a user spent per site
visited by parsing access.log.
For example: This particular user had 12 "hits" on the same site.
<1st line> 1059393881.234 104 <ourserverIP> TCP_REFRESH_HIT/304 296
GET http://cdn.netscape.com/wpt_tonr_03/200304221104_db_h1_i1_1_0 <user>
DIRECT/64.12.54.217 -
<10more lines in between>
<last line> 1059393881.453 99 <ourserverIP> TCP_REFRESH_HIT/304 296
GET http://cdn.netscape.com/wpton_03/dot_d2c9ab <user> DIRECT/64.12.54.249 -
My questions are :
1 - Is the elapsed time - 104 (first line) - the amount of time the user
spent when connected or, is it just the time taken to establish the
connection?
2 - For this purpose, is it better/more accurate to use the timestamps
- 1059393881.234 (line one) - and go from there?
3 - Some of the "hits" - same http - do not contain the user (want to
parse using username) in it. Why? I read the FAQ about the rfc931 but
what puzzles is that when the user is visiting the same site, squid
sometimes does not record username; ident_lookups is on.
4 - Is there a way to have the individual<workstationIP> logged as the
client request ip instead of <ourserverIP>?
Sorry if I sound confusing but thanks for all the help.
Sergio
--
°v° Sergio Chaves °v°
/(_)\ www.turbocorp.com /(_)\
^ ^ Enhanced Solutions Computing ^ ^
770.532.2239
Linux User#221305
Received on Thu Jul 31 2003 - 07:59:31 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:22 MST