Changing Log Format on Squid to show Hostname rather than IP Address

Currently have Ubuntu 6.06 Server with Squid 2 and SARG to view reports. Wanting to get the logs to log what we want and not the default logging in Squid, by default SARG shows the IP address of the remote/client machine because squid logs that and we want it to show Machine Name instead due to networking being Dynamic IP's.

Have seen the LogFormat option but have been unable to get squid to restart after adding that line.

Would like to log
"Date / Time / Remote Hostname / Site Visited / Download Size / Time Spent at site / If it is a Denied Site etc..."
I believe it is the same as the default except Remote Hostname instead of IP Address
thorpey83Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

omarfaridCommented:
Please see the topic below in the links:

Field Definitions -> remotehost

http://proxy.nsysu.edu.tw/FAQ/FAQ-6.html
http://proxy.nsysu.edu.tw/FAQ/FAQ-3.html#ss3.4
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Duncan RoeSoftware DeveloperCommented:
The problem with loggers and host names is that to convert an IP address to a host name requires reverse DNS lookup. This may be either
-slow, resulting in other log messages being lost, or
- unsuccessful anyway.

You could cruft up a post-processor to do the conversion: you'd probably want to keep a cache of resolved IP's and resolving a new one is achieved by dig, e.g

19:35:46$ dig -x 64.156.132.253|grep 64.156.132.253|grep -v DiG|awk '{print substr($1,1,length($1)-1)}'
ns5.experts-exchange.com
0
thorpey83Author Commented:
omarfarid thanks but that is the site i saw the whole logformat thing but getting squid to actually recognise/restart after entering  the LogFormat="%>A" is another thing.

duncan_roe thanks for the advice but 1 went over my head also was hoping the squid would do it itself if i can change the format of the logs
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.