Wednesday, 23 November 2016

HTTP GET vs HTTPS GET parameter

You are probably used to running telnet www.blabla.com 80 to test a connection, right?

telnet www.routermenhensem.com 80
GET /index.html HTTP/1.1
Host: www.routermenhensem.com
 
 
 
For SSL / HTTPS, though, the method is different, as shown below.


openssl s_client -connect www.routermenhensemlagi.com:443
[watch the ssl certificate details scroll by]
GET /index.html HTTP/1.1
Host: www.routermenhensemlagi.com
 
 
 
 
PS: On Windows, you need to install the OpenSSL client.

Thursday, 10 November 2016

An easy way to read Squid proxy logs

You have probably viewed the Squid access log before and could not make head or tail of it, because its timestamps look like this.

^C[root@mail ~]# tail -f /var/log/squid/access.log
1478738828.951    180 192.168.0.6 TCP_MISS/304 345 GET http://w.usabilla.com/7e10fcc350b2.js? - DIRECT/52.62.87.45 -
1478738844.975    887 192.168.0.6 TCP_MISS/200 770 GET http://graph.facebook.com/? - DIRECT/31.13.74.1 application/json
1478739141.465      0 192.168.0.6 TCP_MISS/400 361 GET http://mail.routermen.tn.my:8080/squid-internal-dynamic/netdb - NONE/- -
1478739153.473      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
1478739453.476      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
1478742753.500      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
1478743053.509      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
1478746353.530      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
1478746653.554      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
1478746768.506      0 192.168.0.6 TCP_MISS/400 361 GET http://mail.routermen.tn.my:8080/squid-internal-dynamic/netdb - NONE/- -


It is easy. You just need to use the command below, and then the timestamps start to make sense.


[root@mail ~]# tail -f /var/log/squid/access.log |  perl -p -e 's/^([0-9]*)/"[".localtime($1)."]"/e'
[Thu Nov 10 08:47:08 2016].951    180 192.168.0.6 TCP_MISS/304 345 GET http://w.usabilla.com/7e10fcc350b2.js? - DIRECT/52.62.87.45 -
[Thu Nov 10 08:47:24 2016].975    887 192.168.0.6 TCP_MISS/200 770 GET http://graph.facebook.com/? - DIRECT/31.13.74.1 application/json
[Thu Nov 10 08:52:21 2016].465      0 192.168.0.6 TCP_MISS/400 361 GET http://mail.routermen.tn.my:8080/squid-internal-dynamic/netdb - NONE/- -
[Thu Nov 10 08:52:33 2016].473      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
[Thu Nov 10 08:57:33 2016].476      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
[Thu Nov 10 09:52:33 2016].500      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
[Thu Nov 10 09:57:33 2016].509      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
[Thu Nov 10 10:52:33 2016].530      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
[Thu Nov 10 10:57:33 2016].554      0 192.168.0.6 TCP_MEM_HIT/200 607 GET http://mail.routermen.tn.my:8080/squid-internal-periodic/store_digest - NONE/- application/cache-digest
[Thu Nov 10 10:59:28 2016].506      0 192.168.0.6 TCP_MISS/400 361 GET http://mail.routermen.tn.my:8080/squid-internal-dynamic/netdb - NONE/- -


You can also use a command like this:



[root@mail ~]# cat /var/log/squid/access.log | perl -p -e 's/^([0-9]*)/"[".localtime($1)."]"/e' | more
[Sun Nov  6 07:26:49 2016].816   3994 192.168.0.17 TCP_MISS/200 3487 CONNECT secure.informaction.com:443 - DIRECT/69.195.158.195 -
[Sun Nov  6 07:26:50 2016].122    293 192.168.0.17 TCP_MISS/000 0 POST http://ocsp.int-x3.letsencrypt.org/ - DIRECT/ocsp.int-x3.letsencrypt.org -
[Sun Nov  6 07:26:50 2016].198    231 192.168.0.17 TCP_MISS/200 952 POST http://ocsp.digicert.com/ - DIRECT/117.18.237.29 application/ocsp-response
[Sun Nov  6 07:26:50 2016].712    596 192.168.0.17 TCP_MISS/200 8356 GET http://api.mywot.com/0.4/update? - DIRECT/54.186.17.145 application/xml
[Sun Nov  6 07:26:51 2016].162    238 192.168.0.17 TCP_MISS/200 8356 GET http://api.mywot.com/0.4/update? - DIRECT/54.186.17.145 application/xml
[Sun Nov  6 07:26:51 2016].172    422 192.168.0.17 TCP_MISS/200 2268 POST http://ocsp2.globalsign.com/gsdomainvalsha2g2 - DIRECT/104.16.24.216 application/ocsp-response
[Sun Nov  6 07:26:53 2016].420     60 192.168.0.17 TCP_MISS/200 952 POST http://ocsp.digicert.com/ - DIRECT/117.18.237.29 application/ocsp-response
[Sun Nov  6 07:26:57 2016].118    353 192.168.0.17 TCP_MISS/200 910 POST http://clients1.google.com/ocsp - DIRECT/216.58.196.46 application/ocsp-response
[Sun Nov  6 07:26:58 2016].254     62 192.168.0.17 TCP_MISS/200 952 POST http://ocsp.digicert.com/ - DIRECT/117.18.237.29 application/ocsp-response
[Sun Nov  6 07:27:03 2016].072     63 192.168.0.17 TCP_MISS/200 952 POST http://ocsp.digicert.com/ - DIRECT/117.18.237.29 application/ocsp-response
[Sun Nov  6 07:27:03 2016].098  15394 192.168.0.17 TCP_MISS/200 4192 CONNECT secure.mywot.com:443 - DIRECT/52.205.103.6 -
[Sun Nov  6 07:27:06 2016].480    235 192.168.0.17 TCP_MISS/200 1125 GET http://api.mywot.com/0.4/query? - DIRECT/54.186.17.145 application/xml
[Sun Nov  6 07:27:06 2016].676    255 192.168.0.17 TCP_MISS/200 17357 CONNECT s.ytimg.com:443 - DIRECT/216.58.196.46 -
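
Added example (not part of the original post): a Python parser for the same native access.log format that converts the epoch timestamps to UTC ISO 8601 with the milliseconds kept, and rejects lines that are not log records instead of stamping them with a 1970 date, which is what `s/^([0-9]*)/` does when it matches an empty string. The first two sample lines are from the post; the CONNECT line uses a constructed timestamp, and all function names are assumptions of this example.

```python
import re
from datetime import datetime, timezone

# Squid native format:
# time elapsed client code/status bytes method URL user hierarchy/peer type
LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d{3})\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<code>[^/\s]+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+"
    r"(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+"
    r"(?P<hier>[^/\s]+)/(?P<peer>\S+)\s+(?P<type>\S+)$"
)

def parse_line(line):
    """Return a dict for one access.log record, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None  # e.g. a wrapped fragment; do not give it a 1970 date
    rec = m.groupdict()
    sec, ms = rec["ts"].split(".")
    when = datetime.fromtimestamp(int(sec), tz=timezone.utc)
    rec["time"] = when.strftime("%Y-%m-%dT%H:%M:%S") + "." + ms + "Z"
    for key in ("elapsed", "status", "bytes"):
        rec[key] = int(rec[key])
    return rec

def parse_log(lines):
    """Split lines into (parsed records, rejected raw lines)."""
    records, rejected = [], []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            rejected.append(line)
        else:
            records.append(rec)
    return records, rejected

def slow_tunnels(records, min_ms=10000):
    """CONNECT (HTTPS) tunnels open for at least min_ms; logged as host:port only."""
    return [(r["time"], r["client"], r["url"], r["elapsed"])
            for r in records if r["method"] == "CONNECT" and r["elapsed"] >= min_ms]

SAMPLE = [  # first two lines are from the post; the CONNECT timestamp is constructed
    "1478738828.951    180 192.168.0.6 TCP_MISS/304 345 GET http://w.usabilla.com/7e10fcc350b2.js? - DIRECT/52.62.87.45 -",
    "1478738844.975    887 192.168.0.6 TCP_MISS/200 770 GET http://graph.facebook.com/? - DIRECT/31.13.74.1 application/json",
    "1478739000.098  15394 192.168.0.17 TCP_MISS/200 4192 CONNECT secure.mywot.com:443 - DIRECT/52.205.103.6 -",
    "e",  # wrapped fragment, as seen in the `more` output
]

if __name__ == "__main__":
    records, rejected = parse_log(SAMPLE)
    for r in records:
        print(r["time"], r["client"], r["method"], r["url"], r["status"])
    print("rejected:", rejected, "slow tunnels:", slow_tunnels(records))
```

Using UTC here makes the entries directly comparable with logs from other hosts; the post's one-liner prints the proxy server's local time.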