Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Possible to log Squid access logs remotely?

Posted on 2011-02-23
3
Medium Priority
?
1,174 Views
Last Modified: 2012-05-11
Hi guys,

We have a requirement to log all internet traffic through our 300+ sites. All sites have a standard Centos based server setup, and I was thinking of running squid to log all access attempts by clients in these remote sites.

Is there any decent way of getting these logs in a remote database, where we can record and view details like websites visited etc (using something like AWStats). I have been reading up upon Squid parent Cache and it could possibly do what I want to achieve.

Other option is to run a cron job to manually copy these access logs to the remote syslog server, then running MySQL Squid Access Report on this one server/or running AWStats to collect this information.

Any suggestions on what the best path would be much appreciated. I would love to know how others do it or what are the best practices.
0
Comment
Question by:demon777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Kent W
ID: 34965637
You can, but be warned..if the connection between the two aren't substantial, you will saturate the link.
Squid logs massively by default.

http://eric.lubow.org/2007/system-administration/syslog-ng-and-squid-logging/
0
 
LVL 1

Author Comment

by:demon777
ID: 34965693
Thanks that's a very helpful link. I'm just reading up on it, we don't have syslog-ng on our 300+ servers so it would have to rolled out.
Is there any way to do this through the normal syslog?
0
 
LVL 12

Accepted Solution

by:
Kent W earned 2000 total points
ID: 34965811
You can, using traditional syslodg/klogd, but beware, this is only UDP, so you have to be able to get those packets reliable to your logging facility server.
-ng supports TCP also, so it works better over hops.  If your logging server is local, though, UDP should work fine.  You would use the facilities just like any other remote loggin in Linux.  

This will explain how do to them both.

http://www.enterprisenetworkingplanet.com/netos/article.php/3521481/Enhance-Security-with-a-Linux-Logging-Server.htm
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question