Sending Squid logs through syslog ports
Hello,
We are building a script to send squid access log records to
the Firewall Analyzer syslog ports.
If the squid access record is like this:
1146832641.987 2 192.168.1.1 TCP_DENIED/407 1748 GET http://xxxx/ - NONE/- text/html
we send a UDP packet like this:
<167>May 5 09:37:21 1146832641.987 2 192.168.1.1 TCP_DENIED/407 1748 GET http://xxx/ - NONE/- text/html
<167> means -> local4.debug
The messages are received but no report is generated.
If sending squid access records in this way is possible,
which is the message format spected by Firewall Analyzer.
Regards
Pablo
We are building a script to send squid access log records to
the Firewall Analyzer syslog ports.
If the squid access record is like this:
1146832641.987 2 192.168.1.1 TCP_DENIED/407 1748 GET http://xxxx/ - NONE/- text/html
we send a UDP packet like this:
<167>May 5 09:37:21 1146832641.987 2 192.168.1.1 TCP_DENIED/407 1748 GET http://xxx/ - NONE/- text/html
<167> means -> local4.debug
The messages are received but no report is generated.
If sending squid access records in this way is possible,
which is the message format spected by Firewall Analyzer.
Regards
Pablo
Topic Participants
support+user
New to M365 Manager Plus?
New to M365 Manager Plus?
New to RecoveryManager Plus?
New to RecoveryManager Plus?
New to Exchange Reporter Plus?
New to Exchange Reporter Plus?
New to SharePoint Manager Plus?
New to SharePoint Manager Plus?
New to ADManager Plus?