opc40772 / Squid-Graylog

Parsing Squid logs in Graylog
GNU General Public License v3.0

Squid-Graylog

Graylog Server.

Graylog version: 2.4

Elasticsearch version: 5.6.8

Create an index set for Squid under System / Indices. The index prefix must be squid, as the image shows. This is important for the proper functioning of the streams.

Content Pack

Import the file from the Content Pack folder and upload it.

Select squid from the list

Then apply the content pack.

Edit the squid stream and select the index set previously created.
