I want to search some word or one line from squid proxy logs , But graylog show all words in timestamp that message

Graylog Central (peer support)
1

i want to search some word or one line from squid proxy logs
, But graylog show all words in timestamp that message

Example : search message:github.com
sadasdasd

Please help me

2

:cold_sweat: Pls help

3

Looks like you ingestion is not good, what are you using to collect and send the logs to graylog?

It seems you have the entire file (or at least a group of lines) in one message, when you would have one message per line, processes as squid log.

Have a look at https://marketplace.graylog.org/addons/bd3efa5f-6ccb-47ce-97ea-6ebe0270a9c7 for an idea of implementation

4

how did you ingest this files? as @zorel already wrote you might rethink that.

5

@zorel Update for information my config on squid.conf “ access_log udp://192.168.1.5:514 common “

6

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.