Greetings all,
I wrote a simple "one-liner" that follows the access.log and formats the output in a useful way (for me anyway). It's designed for FreeBSD and requires awk/gawk/mawk etc.
Here's the "script" (all on one line, or put it into a file) :)
<<< START >>>
clear ; tail -F /var/log/squid/access.log | \
awk '{ \
printf("%8.2f Kb\t%-16s %s\t%s - %s\n" \
,$5/1024,$8,$7,$10,substr($4,5,(match(4,/\//)-5))) \
}'<<< END >>>
replace "tail -F" with "tail --follow=name" for Linux.
The output is real-time and looks like this:
(size kb) (user) (url) (data type) (TCP response)
| | | | |
V V V V V
1.96 Kb USR1 http://foo.example.com text/html - DENIED
10.78 Kb USR2 http://bar.example.com text/html - MISS
0.56 Kb USR3 http://baz.foo.com/index.htm text/html - MISS
8.47 Kb USR1 http://foo.example.com text/html - MISS
112.97 Kb USR3 http://baz.foo.com/123.jpeg image/jpeg - HIT
...etcIt's useful for me to keep a passing eye on what's going on, but would scroll way too fast on really busy squid servers. YMMV.
Cheers,
James Gray ______________________________ I.T. Manager - Asia Region Open Channel Solutions Sydney NSW 2000, Australia
