Squid access logging only specific ACLs

access-control-listloggingsquid

In squid, is it possible to enable access logging only on a specific ACL?

If so, how?

We have done quite a few searches and were unable to find the proper conf syntax 🙁

Best Answer

acl log_this src x.x.x.x. y.y.y.y.y z.z.z.z.z
access_log /var/log/squid common log_this

Related Solutions

How to block website access using squid

In addition to what otheres have suggested, Squid can be configured to talk to other proxy servers either as parents or peers. You can use a filtering proxy alongside squid to block the sites that you want to block. You can search for examples of squid+privoxy or squid+dansguardian.

Apache vhost-specific logging

Try to put the SecAuditLog entry into the setting for each of your virtual hosts.

Something like this (setup can look a little bit different but this is a basic setting). ~~Also you could check your other log entries (CustomLog, ErrorLog etc) for possible wildcards to insert.~~

domain1.conf
============
<VirtualHost *:80>
  ServerAdmin postmaster@domain1.com
  ServerName www.domain1.com

  SecAuditLog "/var/www/vhosts/domain1/statistics/logs/modsec_audit.log"
  # lots of more setting goes here
  # ...
</VirtualHost>

domain2.conf
============
<VirtualHost *:80>
  ServerAdmin postmaster@domain2.com
  ServerName www.domain2.com

  SecAuditLog "/var/www/vhosts/domain2/statistics/logs/modsec_audit.log"
  # lots of more setting goes here
  # ...
</VirtualHost>

Best Answer

Related Solutions

How to block website access using squid

Apache vhost-specific logging

Related Topic