一不小心出了国
分类: 系统运维
2007-06-08 12:56:02
补丁下载的网址: http://devel.squid-cache.org/customlog/
http://devel.squid-cache.org/cgi-bin/diff2/customlog-2_5.patch?s2_5
下载后,把源代码 squid-2.5.STABLE11 目录名修改为 squid , 在和 squid 同级目录下下载补丁,运行:
patchadd -p0 < customlog-2_5.patch
然后重新编译 Squid:
./configure --prefix=/usr/local/squid --enable-delay-pools --enable-useragent-log --enable-referer-
log --enable-default-err-language=Simplify_Chinese --enable-x-accelerator-vary --enable-kill-parent-hack --enable-err-languages="Simplif
y_Chinese English" --with-pthreads --with-aio --enable-cache-digests --with-large-files
编译结束后, 在 squid.conf 中添加:
logformat combined %>a - %un [%{%d/%b/%Y:%H:%M:%S +0800}tl] "%rm %ru HTTP/%rv" %Hs %
cache_access_log /var/squid/logs/access.log combined
一个支持 combined 日志模式的 Squid 即告完成。
注意, 这里用了 +0800 ,绕过了使用 tl 的 %z 或者 %Z 的问题,用 z% ,将显示为 25%z ,可能是 patch 有问题。
squid2.6及以上的版本不需要打该补丁,只需要将日志格式改了就可以用!
Squid custom log format
Basic syntax: %...field where ... is an optional field width. On numeric fields the output will be 0 padded if the field width starts with a 0. If the field width starts with a - then the output will be aligned right within the field.
Field names
Field name syntax keys:
{} modifier or argument. Also used to specify header names
> request (client)
< reply (server)
a address
A address name
h all headers
i ident
p port
r request line (no query)
t time
u user
l local address/port (where request was accepted)
%>a
Client source IP address
%>A
Client FQDN
%>p
Client source port
%
Server or peer IP address
%
Server or peer port number
%
Server IP address or peer name
%la
Local IP address where the request was accepted
%lp
Local port where the request was accepted
%lA
Local port name where the request was accepted
%ts
Date of request, seconds since epoch
%{format}tl
Date of request, strftime format (localtime)
%{format}tg
Date of request, strftime format (gmt)
%tu
Date of request, sub-second component
%tr
Time to serve the request, in milliseconds
%{header}>h
Request header
%{header:element}>h
Named request header field element (list headers)
%{header:separator element}>h
Named request header field element, using "separator" as field separator (it can be any non-alphanumeric single character)
%>h
All request header
%{header}
Request headers, as for <..h above
%un
Authenticated user name or dash
%
Authenticated user realm or dash
%us
Authenticated user scheme or dash
%ui
Ident user name
%Hs
HTTP status code (200, 404, 407, etc)
%Ht
HTTP status text (Not found, etc)
%Ss
Squid status code (TCP_HIT, TCP_MISS etc)
%Se
Squid error code (ERR_DENIED, ERR_...)
%Sh
Squid hierarchy code (FIRST_UP_PARENT, etc)
%mt
MIME type of the request
%rm
Request method
%ru
Request URL, without the query string
%rq
Request query string, including ?
%rp
Request protocol (i.e. HTTP/1.1)
%ps
Peer selection status (DIRECT, PARENT, CD_PARENT_HIT, etc. including the TIMEDOUT_ variant)
%>sl
Size of request line
%>sh
Size of request headers, including request line
%>sH
Size of request headers, excluding request line
%>sb
Size of request body, raw received bytes
%>sB
Size of request body, excluding transfer encoding
%>st
Total size of request
%
Size of reply status line
%
Size of reply headers, including status line
%
Size of reply headers, excluding status line
%
Size of reply body, raw transmitted bytes
%
Size of reply body, excluding transfer encoding
%
Total size of reply
%%
A literal %
