I want to search some word or one line from squid proxy logs , But graylog show all words in timestamp that message

tanawat.cha · July 22, 2019, 6:49pm

i want to search some word or one line from squid proxy logs
, But graylog show all words in timestamp that message

Example : search message:github.com
sadasdasd

Please help me

tanawat.cha · July 23, 2019, 9:40am

Pls help

zorel · July 23, 2019, 9:57am

Looks like you ingestion is not good, what are you using to collect and send the logs to graylog?

It seems you have the entire file (or at least a group of lines) in one message, when you would have one message per line, processes as squid log.

jan · July 23, 2019, 11:50am

how did you ingest this files? as @zorel already wrote you might rethink that.

tanawat.cha · July 23, 2019, 12:14pm

@zorel Update for information my config on squid.conf “ access_log udp://192.168.1.5:514 common “

system · August 6, 2019, 12:14pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Duplicate Messages in one Index Graylog Central (peer support)	2	907	February 5, 2020
How to load old squid logs to graylog/opensearch index? Graylog Central (peer support)	7	768	November 23, 2022
Graylog streams search assitance Graylog Central (peer support)	1	326	April 23, 2018
Sending LOGS to GRAYLOG from SQUID PROXY Graylog Central (peer support)	2	1205	March 12, 2018
How to search logs with graylog Graylog Central (peer support)	6	9346	August 2, 2018