Squid logging for single ACLs

Squid offers the possibility to log events caused by a single ACL.

Doing this is simple:

Imagine the following two ACLs are defined:

...
acl mdlhosts dstdomain "/usr/local/etc/squid/rules/mdlhosts.squid"
acl mdlips dst "/usr/local/etc/squid/rules/mdlips.squid"
...


To enable logging to a separate logfile on every match of one of those ACLs two new access_log directives must be defined:


access_log /data/squid/logs/mdl.log combined mdlhosts
access_log /data/squid/logs/mdl.log combined mdlips

/data/squid/logs/mdl.log ist the location for the new log to be created, "combined" defines the logformat to be used, e.g.

logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh

The last parameter ist the name of the ACL defined before.
In the example above a single logfile is used for both ACLs.

To activate the changes simply issue a "squid -k reconfigure".