Solved

Possible to log Squid access logs remotely?

Posted on 2011-02-23
3
1,101 Views
Last Modified: 2012-05-11
Hi guys,

We have a requirement to log all internet traffic through our 300+ sites. All sites have a standard Centos based server setup, and I was thinking of running squid to log all access attempts by clients in these remote sites.

Is there any decent way of getting these logs in a remote database, where we can record and view details like websites visited etc (using something like AWStats). I have been reading up upon Squid parent Cache and it could possibly do what I want to achieve.

Other option is to run a cron job to manually copy these access logs to the remote syslog server, then running MySQL Squid Access Report on this one server/or running AWStats to collect this information.

Any suggestions on what the best path would be much appreciated. I would love to know how others do it or what are the best practices.
0
Comment
Question by:demon777
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Kent W
ID: 34965637
You can, but be warned..if the connection between the two aren't substantial, you will saturate the link.
Squid logs massively by default.

http://eric.lubow.org/2007/system-administration/syslog-ng-and-squid-logging/
0
 
LVL 1

Author Comment

by:demon777
ID: 34965693
Thanks that's a very helpful link. I'm just reading up on it, we don't have syslog-ng on our 300+ servers so it would have to rolled out.
Is there any way to do this through the normal syslog?
0
 
LVL 12

Accepted Solution

by:
Kent W earned 500 total points
ID: 34965811
You can, using traditional syslodg/klogd, but beware, this is only UDP, so you have to be able to get those packets reliable to your logging facility server.
-ng supports TCP also, so it works better over hops.  If your logging server is local, though, UDP should work fine.  You would use the facilities just like any other remote loggin in Linux.  

This will explain how do to them both.

http://www.enterprisenetworkingplanet.com/netos/article.php/3521481/Enhance-Security-with-a-Linux-Logging-Server.htm
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now