Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Possible to log Squid access logs remotely?

Posted on 2011-02-23
3
Medium Priority
?
1,187 Views
Last Modified: 2012-05-11
Hi guys,

We have a requirement to log all internet traffic through our 300+ sites. All sites have a standard Centos based server setup, and I was thinking of running squid to log all access attempts by clients in these remote sites.

Is there any decent way of getting these logs in a remote database, where we can record and view details like websites visited etc (using something like AWStats). I have been reading up upon Squid parent Cache and it could possibly do what I want to achieve.

Other option is to run a cron job to manually copy these access logs to the remote syslog server, then running MySQL Squid Access Report on this one server/or running AWStats to collect this information.

Any suggestions on what the best path would be much appreciated. I would love to know how others do it or what are the best practices.
0
Comment
Question by:demon777
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Kent W
ID: 34965637
You can, but be warned..if the connection between the two aren't substantial, you will saturate the link.
Squid logs massively by default.

http://eric.lubow.org/2007/system-administration/syslog-ng-and-squid-logging/
0
 
LVL 1

Author Comment

by:demon777
ID: 34965693
Thanks that's a very helpful link. I'm just reading up on it, we don't have syslog-ng on our 300+ servers so it would have to rolled out.
Is there any way to do this through the normal syslog?
0
 
LVL 12

Accepted Solution

by:
Kent W earned 2000 total points
ID: 34965811
You can, using traditional syslodg/klogd, but beware, this is only UDP, so you have to be able to get those packets reliable to your logging facility server.
-ng supports TCP also, so it works better over hops.  If your logging server is local, though, UDP should work fine.  You would use the facilities just like any other remote loggin in Linux.  

This will explain how do to them both.

http://www.enterprisenetworkingplanet.com/netos/article.php/3521481/Enhance-Security-with-a-Linux-Logging-Server.htm
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question