Using Smartfilter, and Squid access logs, I don't see a category.

<< Back to Knowledge Search



When I run a policy trace, I am seeing category in each transaction (by smartfilter).  However, the accesslog , which is configued for the squid format,  doesn't contain a category.  Can you explain why?

What fields does a squid access log contain?

Does a squid access log contain a field for category?

Can I use a squid access log, and expect Bluecoat Reporter to process it properly?


Bluecoat Reporter is not designed to process Squid access logs. The format of a Squid Access log does not contain a category field, and hence, while the SG policy finds a category for each websites,  there is no field for category in this access log.  For more information on the access log fields, please see this WIKI page - Squid log files.

Here's an exmple of a policy that is configured for the Squid log format - the log is called CIFS which is only the name, but the access log type is squid, which I've highlighted.

!- BEGIN access_logging
access-log  ;mode
max-log-size 65000
overflow-policy delete
early-upload 55000
edit log main ;mode
format-name squid
ftp-client primary host 2
ftp-client primary path "/"
ftp-client primary username jnoname
ftp-client primary encrypted-password "** Password suppressed **"
ftp-client pasv no
client-type ftp
early-upload 60000
remote-size 65000
connect-wait-time 900
periodic-upload upload-interval daily 4
edit log streaming ;mode
early-upload 45000
edit log ssl ;mode
format-name squid
early-upload 60000
remote-size 65000
edit log cifs ;mode
format-name squid
early-upload 60000
remote-size 65000
edit log mapi ;mode
early-upload 45000
edit log im ;mode
early-upload 45000
edit log p2p ;mode
early-upload 45000
!- END access_logging

NOTE: For a Blue Coat Reporter solution we suggest you process access logs that confirm to the MAIN type  format and not use squid 000021974Often a access log may be called Main, but is configured to use another Access log type, such as squid, so be sure you are confirming the Access Log Type,  as per this article, and not merely the name.

Additional Information
Bug Number
InQuira Doc IdKB3752

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/30/2014
Last Published      10/30/2014
Article Audience
Topic      Access Logging, Content Filtering, Log Processing, Reporting
Article Number      000014470
Was this helpful?
Previous MonthNext Month