darold / squidanalyzer

Squid Analyzer parses Squid proxy access log and reports general statistics about hits, bytes, users, networks, top URLs, and top second level domains. Statistic reports are oriented toward user and bandwidth control.
http://squidanalyzer.darold.net/

e2Guardian - Squid format #197

Closed 2w-consultoria closed 5 years ago

2w-consultoria commented 5 years ago

Hi, I need some help to understand what is wrong in this log:

Squid log format:

1544744705.587      0 192.168.1.206 TCP_MISS/0 0 - https://127.0.0.1 192.168.1.206 DEFAULT_PARENT/ -
1544744710.756      0 192.168.1.206 TCP_DENIED/403 0 - https://graph.facebook.com 192.168.1.206 DEFAULT_PARENT/ -
1544744731.673  68823 192.168.1.125 TCP_MISS/0 30973 - https://fe2.update.microsoft.com 192.168.1.125 DEFAULT_PARENT/ -
1544744735.564 120128 192.168.1.223 TCP_MISS/0 325 - https://connectivitycheck.gstatic.com 192.168.1.223 DEFAULT_PARENT/ -
1544744737.534 120355 192.168.1.206 TCP_MISS/0 6691 - https://rj.a-mo.net 192.168.1.206 DEFAULT_PARENT/ -
1544744738.035      0 192.168.1.206 TCP_DENIED/403 0 - https://mqtt-p4.facebook.com 192.168.1.206 DEFAULT_PARENT/ -
1544744744.859   1673 192.168.1.103 TCP_MISS/0 5977 - https://mc100mcprodstorage.table.core.windows.net 192.168.1.103 DEFAULT_PARENT/ -
1544744746.547   1101 192.168.1.103 TCP_MISS/200 0 GET http://eventtrack.pandasecurity.com/track/campaign/details.html?FileVersion=4.0.0.4&_ei=3753FCE1-4471-4B2B-AA6B-C5208D5BB469&_es=1&_et=stoast&_lt=20181213234602&campaignid=4019&error=8015 192.168.1.103 DEFAULT_PARENT/ -

Squidanalyzer output:

SquidAnalyzer version 6.6
SQUID LOG HISTORY TIME: Thu Dec 13 10:05:38 2018 - HISTORY OFFSET: 7274496
Starting to parse logfile /var/log/e2guardian/access.log.
Reading file /var/log/e2guardian/access.log from offset 7274496 to end.
No new log registered...
DEBUG: the log statistics gathering took: 1 wallclock secs ( 0.41 usr +  0.00 sys =  0.41 CPU)
Skipping HTML build.
DEBUG: generating HTML output took: 0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
DEBUG: total execution time: 1 wallclock secs ( 0.41 usr +  0.00 sys =  0.41 CPU)

Thanks.

darold commented 5 years ago

Hi,

This is because of the empty log server or peer names (%<A) in log entries. Commit cf736a0 adds support for it.

Regards,
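The failure described in this answer, as an added example that is not part of the thread and is not SquidAnalyzer's code: both regexes and the function names are assumptions written for illustration, and the fourth sample line is constructed. A pattern that requires a peer name drops every e2guardian entry, including the TCP_DENIED ones, while a tolerant pattern keeps them and returns whatever it still cannot parse instead of discarding it.

```python
import re
from collections import Counter

# Assumed layout of the Squid native format seen in the issue:
# time elapsed client code/status bytes method url user hierarchy/peer type
_HEAD = (r"^(?P<ts>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
         r"(?P<code>[A-Z_]+)/(?P<status>\d+)\s+(?P<bytes>\d+)\s+"
         r"(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+(?P<hier>[A-Z_]+)/")
STRICT = re.compile(_HEAD + r"(?P<peer>\S+)\s+(?P<mime>\S+)\s*$")    # peer required
TOLERANT = re.compile(_HEAD + r"(?P<peer>\S*)\s+(?P<mime>\S+)\s*$")  # peer may be empty

SAMPLE = [
    # First three lines are from the issue; the fourth is constructed.
    "1544744710.756      0 192.168.1.206 TCP_DENIED/403 0 - https://graph.facebook.com 192.168.1.206 DEFAULT_PARENT/ -",
    "1544744731.673  68823 192.168.1.125 TCP_MISS/0 30973 - https://fe2.update.microsoft.com 192.168.1.125 DEFAULT_PARENT/ -",
    "1544744738.035      0 192.168.1.206 TCP_DENIED/403 0 - https://mqtt-p4.facebook.com 192.168.1.206 DEFAULT_PARENT/ -",
    "1544744750.120    250 192.168.1.103 TCP_MISS/200 1432 GET http://example.com/ - HIER_DIRECT/203.0.113.10 text/html",
]

def parse(lines, pattern):
    """Return (records, skipped_lines) so unparsed entries stay visible."""
    records, skipped = [], []
    for line in lines:
        match = pattern.match(line)
        if match:
            rec = match.groupdict()
            rec["peer"] = rec["peer"] or "-"  # normalise an empty peer name
            records.append(rec)
        elif line.strip():
            skipped.append(line)
    return records, skipped

def denied_by_client(records):
    """Count TCP_DENIED entries per client address."""
    return Counter(r["client"] for r in records if r["code"] == "TCP_DENIED")

if __name__ == "__main__":
    for name, pattern in (("strict", STRICT), ("tolerant", TOLERANT)):
        records, skipped = parse(SAMPLE, pattern)
        print(f"{name}: parsed={len(records)} skipped={len(skipped)} "
              f"denied={dict(denied_by_client(records))}")
```

A non-zero skipped count on a log that is known to be growing is the signal that the format and the parser disagree, which is what "No new log registered..." was hiding here.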

2w-consultoria commented 5 years ago

Thanks, works fine now!