How to parse your squid logs using squid analyzer

This article will explain what a proxy server is and will then go ahead to explain how to parse squid access.log files using Squid Analyzer.

Squid is a caching proxy that accepts requests for URLs for the client and returns them. Proxies work well in network environments that do not have direct access to the internet. Where clients do not have direct access to the internet but still need to view web pages, the proxy program reduces bandwidth utilization and increases the rate of response times by caching and reusing frequently requested web pages. Since the early 90s squid has been used by ISP to reduce latency and increase faster download speeds.

The proxy program has extra access controls that makes it a great server accelerator. It has the ability to act as a load-balancer.

Squid Analyzer

squid analyzer is a program that parses the raw access.log file and generates general statistics of hits, bytes-usage, url, and users. It generates great graphic reports.

installation

squid analyzer depends on perl, download the latest programs of perl and squid analyzer and install.

perl -v
where perl is missing download it from the source or on debian/ubuntu distributions use the command
sudo apt-get install perl
on redhat/cent os distribution , you can install using this command
sudo yum install perl
once install you need root priviledges to create a folder within the home directory and to install squid-analyzer..
tar zxcf squidanalzyzer-5.2.tar.gz
/home/squid-analyzer-5.2/install_all.sh
 next will be to configure apache or the http server you  are running to recognize the squid analyzer by editing the http.conf being a web-based program
Alias /squidreport /var/www/squidanalyzer
Options -Indexes FollowSymLinks MultiViews
 AllowOverride None
 Order deny,allow
 Deny from all
 Allow from 127.0.0.1
 restart apache program for changes take effect
service httpd restart
you can access the graphical reports using your browser

http://localhost/squidreports
front_page
graph_daily_megabyte_cache_stats graph_daily_request_cache_stats
Network statistics
list_ip_network_detail
MIME-TYPES
squid analyzer recognizes MIME-types as a standard identifier that shows what type of data is contained in files requested by the clients.
mime_types
Top-level domains
on top level domain you will see pie charts
top_domain_hits
top_domain_statistiques
Creating Cron Jobs 
using the crontab -e command you can add the following at the bottom of the file
# Erase squid cache
01 0 * * 6 /root/clear_cache_squid.sh
#
# Squid Analyzer
# Run everyday at 6.00 AM
0 2 * * * /usr/local/bin/squid-analyzer > /dev/null 2>&1
Advertisements