Hi everyone,
I have what will probably be a pretty simple question... unfortunately I
need to provide a few details to help explain what I'm trying to do and
why.
One of the big uses of Squid to our managers is seeing how much time
employees are spending on the internet. To that extent, we've got Squint
installed for analyzing our logs and generating a shiny report that does
exactly that, and can be viewed in an html document hosted right on the
Squid box. Works great. We also authenticate with LDAP so requests can
be tied to user credentials in Squid. Again, works great.
Here's where the minor hiccup comes in:
I have an acl called 'passthrough' which is basically a list of
domains/keywords/etc that the proxy server will allow requests for
without prompting the user for their credentials. This comes in handy
for programs that like to check for updates online, like Adobe Reader
and iTunes. Unfortunately for my purposes, requests that go through
unauthenticated are recorded in access.log by requestor IP address,
which subsequently gets parsed by Squint and adds gobs of useless
information to the report.
So, my question:
Is there any way to get Squid to exclude certain types of records from
access.log? Or would I be better off just beefing up our PAC file to
send these 'passthrough' requests around the proxy?
On second thought, I suppose I could just write and cron a perl script
that nukes lines containing an IP in our DHCP range right before Squint
updates. That feels messy though :)
Thanks everyone!
Jack
--------------------------------------------------------
This message (and any associated files) is the property of
S. R. Weiner and Associates Inc. and W/S Development Associates LLC
and is intended only for the use of the individual or entity to
which it is addressed and may contain information that is confidential,
subject to copyright or constitutes a trade secret. If you are not
the intended recipient you are hereby notified that any dissemination,
copying or distribution of this message, or files associated with this
message, is strictly prohibited. If you have received this message
in error, please notify us immediately by calling our corporate office
at 617-232-8900 and deleting this message from your computer.
Internet communications cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed,
arrive late or incomplete, or contain viruses. Therefore, S. R. Weiner
and Associates, Inc. and W/S Development Associates LLC do not accept
responsibility for any errors or omissions that are present in this
message, or any attachment, that have arisen as a result of e-mail
transmission. If verification is required, please request a hard-copy
version of this message.
Any views or opinions presented in this message are solely those of
the author and do not necessarily represent those of the company.
Received on Wed Oct 28 2009 - 14:27:01 MDT
This archive was generated by hypermail 2.2.0 : Thu Oct 29 2009 - 12:00:04 MDT