| -- Licensed to the Apache Software Foundation (ASF) under one |
| -- or more contributor license agreements. See the NOTICE file |
| -- distributed with this work for additional information |
| -- regarding copyright ownership. The ASF licenses this file |
| -- to you under the Apache License, Version 2.0 (the |
| -- "License"); you may not use this file except in compliance |
| -- with the License. You may obtain a copy of the License at |
| -- |
| -- http://www.apache.org/licenses/LICENSE-2.0 |
| -- |
| -- Unless required by applicable law or agreed to in writing, software |
| -- distributed under the License is distributed on an "AS IS" BASIS, |
| -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| -- See the License for the specific language governing permissions and |
| -- limitations under the License. |
| |
| -- WebTrends Enhanced Log Format. |
| -- |
| -- The following is compatible with the WebTrends Enhanced Log Format. |
| -- If you want to generate a log that can be parsed by WebTrends |
| -- reporting tools, simply create a log that uses this format. |
| welf = format { |
| Format = 'id=firewall time="%<cqtd> %<cqtt>" fw=%<phn> pri=6 proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl> src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm> arg="%<cqup>" result=%<pssc> ref="%<{Referer}cqh>" agent="%<{user-agent}cqh>" cache=%<crc>' |
| } |
| |
| -- Squid Log Format with seconds resolution timestamp. |
| -- |
| -- The following is the squid format but with a seconds-only timestamp |
| -- (cqts) instead of a seconds and milliseconds timestamp (cqtq). |
| squid_seconds_only_timestamp = format { |
| Format = '%<cqts> %<ttms> %<chi> %<crc>/%<pssc> %<psql> %<cqhm> %<cquc> %<caun> %<phr>/%<pqsn> %<psct>' |
| } |
| |
| -- Squid Log Format. |
| squid = format { |
| -- Format = '%<cqtq> %<ttms> %<chi> %<crc>/%<pssc> %<psql> %<cqhm> %<cquc> %<caun> %<phr>/%<pqsn> %<psct>' |
| Format = 'ts=%<cqtq> url=%<cqu> host=%<{Host}cqh> duration=%<ttms> status=%<pssc> cache=%<crc> ostatus=%<sssc> uurl=%<cquuc> conn=%<cfsc>/%<pfsc> ip=%<chi> cqhm=%<cqhm> pscl=%<pscl> uuid=%<{X-Yahoo-Request-Id}pqh> bucket=%<{Bucket}cqh> ybucket="%<{Y-Bucket}cqh>" dcdevice=%<{X-Yahoo-Dc-Device-Type}cqh> dcrobot=%<{X-Yahoo-Dc-Robot}cqh> loggedin=%<{X-Yahoo-Logged-In}cqh> dcbver=%<{X-Yahoo-Dc-Browser-Version}cqh> dcosname="%<{X-Yahoo-Dc-Os-Name}cqh>" dcosver=%<{X-Yahoo-Dc-Os-Version}cqh> dcbname="%<{X-Yahoo-Dc-Browser-Name}cqh>" bcookie=%<{X-Media-B-Cookie}cqh> crawler=%<{X-Failsafe-Crawler}cqh> epipe=%<{X-Media-Edge-Pipe}cqh> age=%<{Age}ssh> spdy=%<{X-Yahoo-Spdy}pqh> yra=%<{Y-RA}cqh> abuse="%<{x-safe-overlimit-filters}cqh>" bblock=%<{x-blackbird-classification}cqh> rid=%<{Y-RID}pqh> origin_duration=%<stms> dnsms=%<{TS_MILESTONE_DNS_LOOKUP_END-TS_MILESTONE_DNS_LOOKUP_BEGIN}msdms> pluginact=%<{TS_MILESTONE_PLUGIN_ACTIVE-TS_MILESTONE_SM_START}msdms> plugintot=%<{TS_MILESTONE_PLUGIN_TOTAL-TS_MILESTONE_SM_START}msdms> badreq=%<{@x-bad-request-type}cqh> escalate_redirect=%<{X-Escalate-Redirect}pqh> endpoint_override=%<{X-Media-Endpoint-Override}pqh> gtpass=%<{x-guce-trap-passthru}cqh> cqssv=%<cqssv> cqssc=%<cqssc> sftover=%<{x-safet-overlimit-rules}cqh> sftcls=%<{x-safet-classification}cqh> sftbadclf=%<{x-safet-bad-classifiers}cqh> sftmat=%<{x-safet-matched-rules}cqh> ydodmat=%<{x-ydod-matched-filters}cqh> phr=%<phr>/%<pqsn> ctype=%<{@X-Media-Cookie-Type}cqh>' |
| } |
| |
| -- Common Log Format. |
| common = format { |
| Format = '%<chi> - %<caun> [%<cqtn>] "%<cqtx>" %<pssc> %<pscl>' |
| } |
| |
| -- Extended Log Format. |
| extended = format { |
| Format = '%<chi> - %<caun> [%<cqtn>] "%<cqtx>" %<pssc> %<pscl> %<sssc> %<sscl> %<cqcl> %<pqcl> %<cqhl> %<pshl> %<pqhl> %<sshl> %<tts>' |
| } |
| |
| -- Extended2 Log Formats |
| extended2 = format { |
| Format = '%<chi> - %<caun> [%<cqtn>] "%<cqtx>" %<pssc> %<pscl> %<sssc> %<sscl> %<cqcl> %<pqcl> %<cqhl> %<pshl> %<pqhl> %<sshl> %<tts> %<phr> %<cfsc> %<pfsc> %<crc>' |
| } |
| |
| log.ascii { |
| Format = squid, |
| Filename = 'squid' |
| } |
| |
| -- vim: set ft=lua : |
| |