Home / server / Questions / 797415
Accepted
Massimo
Asked: 2016-08-18 07:45:21 +0800 CST

squid3 access.log TCP_DENIED

  • 772

In squid.conf we have some

http_access deny ACL

catching a lot of connection attempts, so filling the access.log with TCP_DENIED lines.

It is normal behaviour, but too much verbose for us. Is it possible to avoid logging these ones ?

best regards, Sala

logging squid

2 Answers

  1. Each HTTP request made through proxy should be logged in the proxy access log with the appropriate status, so squid does log it. So - nope, there is no such way, if you intend to use squid only. You can, however, set a fifo socket with a reader application from it as a log file for squid, and then manipulate the squid log lines in your log reader application, aggregating them in any way you want.

    • 2
  2. Best Answer

    The access_log directive in squid.conf defines where and how access.log data is to be logged. This directive can be followed with a list of ACLs which all must match for any given request to be logged to that output. http://www.squid-cache.org/Doc/config/access_log/

    You can do it like this:

     acl dontLog http_status 403
 access_log none dontLog
 access_log stdio:/var/log/squid/access.log squid

    ... or like this:

     acl dontLog http_status 403
 access_log stdio:/var/log/squid/access.log squid !dontLog
    • 1