How to read date time in Squid accsess.log with human-readable format

Logo Squid adalah milik squid-cache.org Bagaimana ya caranya mengubah format access log Squid kedalam format yang lebih manusiawi? Sering kali kita pengen mengakses langsung access.log Squid dari console. Tapi, dengan mengakses langsung ke file access.log dari console salah satu kendala utamanya adalah time format Unix yang digunakan oleh Squid.

Kira-kira begini lah contohnya:

[root@squid etc]# tail /var/log/squid/access.log

1243577090.172    151 10.11.12.13 TCP_IMS_HIT/304 367 GET http://openx.detik.com/images/607x75_5.swf - NONE/- application/x-shockwave-flash
1243577090.172    359 10.11.12.13 TCP_MISS/200 603 GET http://openx.detik.com/delivery/lg.php? - DIRECT/203.190.241.40 image/gif
1243577090.394    373 10.11.12.13 TCP_MISS/403 314 HEAD http://kompas.realviewusa.com/djvu/Kompas/Kompas/26-Jan-1374/webimages/page0000001_large.jpg - DIRECT/210.87.32.80 text/html
1243577090.802    317 10.11.12.13 TCP_MISS/403 314 HEAD http://kompas.realviewusa.com/djvu/Kompas/Kompas/25-Jan-1374/webimages/page0000001_large.jpg - DIRECT/210.87.32.80 text/html
1243577091.021   2491 10.11.12.13 TCP_MISS/200 6622 GET http://platform.ak.facebook.com/www.new/app_full_proxy.php? - DIRECT/219.83.126.9 image/jpeg
1243577091.021   3429 10.11.12.13 TCP_MISS/200 5012 GET http://photos-a.ak.fbcdn.net/hphotos-ak-snc1/hs030.snc1/4295_86506658804_615283804_1787304_5512203_s.jpg - DIRECT/92.122.127.73 image/jpeg
1243577091.021   3335 10.11.12.13 TCP_MISS/200 5294 GET http://photos-e.ak.fbcdn.net/hphotos-ak-snc1/hs030.snc1/4295_86506693804_615283804_1787308_1939240_s.jpg - DIRECT/92.122.127.73 image/jpeg
1243577091.021   1658 10.11.12.13 TCP_MISS/200 3165 GET http://profile.ak.facebook.com/v228/1596/105/q1441083467_3141.jpg - DIRECT/219.83.126.10 image/jpeg
1243577091.021   1208 10.11.12.13 TCP_MISS/200 2302 GET http://profile.ak.facebook.com/v226/372/6/q1432774955_8436.jpg - DIRECT/219.83.126.8 image/jpeg
1243577091.201    319 10.11.12.13 TCP_MISS/403 314 HEAD http://kompas.realviewusa.com/djvu/Kompas/Kompas/24-Jan-1374/webimages/page0000001_large.jpg - DIRECT/210.87.32.80 text/html
[root@squid etc]#

Memang, langsung membuka access.log (via console) bagi sebagian orang lebih menyenangkan. Tapi gimana membaca tanggal dan waktunya? Nah, Googling sejenak langsung ketemu lah solusinya! *trus ngapain susah2 posting disini sih *

Ketik saja perintah berikut:

[root@squid etc]# perl -pe 's/[\d\.]+/localtime($&amp;)/e' /var/log/squid/access.log

Hasilnya bisa langsung dilihat, kolom waktu sudah menggunakan format yang human readable:

Sun May 24 04:28:17 2009    682 10.11.12.13 TCP_MISS/200 666 POST http://www.flickr.com/services/xmlrpc/ - DIRECT/68.142.214.24 text/xml
Sun May 24 04:29:18 2009 241593 10.11.12.13 TCP_MISS/200 653 GET http://mail.google.com/mail/channel/bind? - DIRECT/74.125.153.17 text/plain
Sun May 24 04:30:17 2009    652 10.11.12.13 TCP_MISS/200 666 POST http://www.flickr.com/services/xmlrpc/ - DIRECT/68.142.214.24 text/xml
Sun May 24 04:30:40 2009    790 10.11.12.13 TCP_MISS/200 7290 POST http://mail.google.com/mail/? - DIRECT/74.125.153.83 text/javascript
Sun May 24 04:31:56 2009    610 10.11.12.13 TCP_MISS/200 649 POST http://safebrowsing.clients.google.com/safebrowsing/downloads? - DIRECT/74.125.153.102 application/vnd.google.safebrowsing-update
Sun May 24 04:32:17 2009    676 10.11.12.13 TCP_MISS/200 666 POST http://www.flickr.com/services/xmlrpc/ - DIRECT/68.142.214.24 text/xml
Sun May 24 04:32:57 2009    586 10.11.12.13 TCP_MISS/200 758 GET http://static.cache.l.google.com/safebrowsing/rd/goog-phish-shavar_a_57031-57035.57031-57035.: - DIRECT/208.117.252.153 application/vnd.google.safebrowsing-chunk
Sun May 24 04:32:57 2009    408 10.11.12.13 TCP_MISS/200 442 GET http://static.cache.l.google.com/safebrowsing/rd/goog-phish-shavar_a_57036-57040.57036.57037-57040: - DIRECT/208.117.252.153 application/vnd.google.safebrowsing-chunk

Perintah ini nggak akan mengubah file asli access.log. Isi dan format waktu didalam file access.log tetap seperti aslinya. Jadi misal di lain waktu pengen membuka log-nya lagi, tetep harus menggunakan perintah yang sama. Repot? nggak lah! bikin aja alias-nya. Maksudnya begini, misalkan kita pengin pake perintah “vsquid” (tanpa tanda petik pastinya) untuk membaca access.log squid, langkahnya:

Buka file .bashrc

[root@squid etc]# vim /etc/bashrc

Tambahkan sintaks berikut di baris paling bawah

#TAMBAHAN BUAT BUKA LOG SQUID
alias vsquid="perl -pe 's/[\d\.]+/localtime($&amp;)/e' /var/log/squid/access.log"

Simpan dan keluar dari vim, reload bash

[root@squid etc]# bash

Selesai deh, tinggal test membuka access.log menggunakan alias yang baru aja dibuat

[root@squid etc]# vsquid | grep "May 24"

Sun May 24 04:28:17 2009    682 10.11.12.13 TCP_MISS/200 666 POST http://www.flickr.com/services/xmlrpc/ - DIRECT/68.142.214.24 text/xml
Sun May 24 04:29:18 2009 241593 10.11.12.13 TCP_MISS/200 653 GET http://mail.google.com/mail/channel/bind? - DIRECT/74.125.153.17 text/plain
Sun May 24 04:30:17 2009    652 10.11.12.13 TCP_MISS/200 666 POST http://www.flickr.com/services/xmlrpc/ - DIRECT/68.142.214.24 text/xml
Sun May 24 04:30:40 2009    790 10.11.12.13 TCP_MISS/200 7290 POST http://mail.google.com/mail/? - DIRECT/74.125.153.83 text/javascript
Sun May 24 04:31:56 2009    610 10.11.12.13 TCP_MISS/200 649 POST http://safebrowsing.clients.google.com/safebrowsing/downloads? - DIRECT/74.125.153.102 application/vnd.google.safebrowsing-update
Sun May 24 04:32:17 2009    676 10.11.12.13 TCP_MISS/200 666 POST http://www.flickr.com/services/xmlrpc/ - DIRECT/68.142.214.24 text/xml
Sun May 24 04:32:57 2009    586 10.11.12.13 TCP_MISS/200 758 GET http://static.cache.l.google.com/safebrowsing/rd/goog-phish-shavar_a_57031-57035.57031-57035.: - DIRECT/208.117.252.153 application/vnd.google.safebrowsing-chunk
Sun May 24 04:32:57 2009    408 10.11.12.13 TCP_MISS/200 442 GET http://static.cache.l.google.com/safebrowsing/rd/goog-phish-shavar_a_57036-57040.57036.57037-57040: - DIRECT/208.117.252.153 application/vnd.google.safebrowsing-chunk
Sun May 24 04:32:59 2009 220349 10.11.12.13 TCP_MISS/200 705 GET http://mail.google.com/mail/channel/bind? - DIRECT/74.125.153.19 text/plain
Sun May 24 04:34:17 2009    659 10.11.12.13 TCP_MISS/200 666 POST http://www.flickr.com/services/xmlrpc/ - DIRECT/68.142.214.24 text/xml
Sun May 24 04:35:19 2009    324 10.11.12.13 TCP_MISS/200 655 POST http://safebrowsing.clients.google.com/safebrowsing/downloads? - DIRECT/74.125.153.101 application/vnd.google.safebrowsing-update
Sun May 24 04:35:19 2009    601 10.11.12.13 TCP_MISS/200 758 GET http://static.cache.l.google.com/safebrowsing/rd/goog-phish-shavar_a_57031-57035.57031-57035.: - DIRECT/208.117.252.165 application/vnd.google.safebrowsing-chunk
Sun May 24 04:35:20 2009    354 10.11.12.13 TCP_MISS/200 510 GET http://static.cache.l.google.com/safebrowsing/rd/goog-phish-shavar_a_57036-57040.57036-57037.57038-57040: - DIRECT/208.117.252.165 application/vnd.google.safebrowsing-chunk

Semoga bermanfaat, bikin hidup leee..bih hidup

0 Response to “How to read date time in Squid accsess.log?”

Feed for this Entry Trackback Address

No Comments

Komentar terakhir

agus w: Ketoke bengkel kaki “Zaenal” yang di arteri ya om..
Maulana Febrianto: tolong bantuannya dong… di kloxo g bisa tampil semua...
yoyok: lina_sinty4 ym penipu….broadcast
yoyok: bos ane juga pernah ketipu pulsa id nya lina_sinty4 id ini penipu
Stela: tolong bantu dooong. aku udah pnya ym, aku bka iconnya didekstop trus aku...

Trackback terakhir

Learn to a [simple] LiFe: Akses Remote Destop dengan TeamViewer
bingo: Just Bingo...
Tongkrongan Site: Simulator Cisco Router dengan GNS-3
Tongkrongan Site: Simulator Cisco Router dengan GNS-3
Tongkrongan Site: Simulator Cisco Router dengan GNS-3

How to read date time in Squid accsess.log?

0 Response to “How to read date time in Squid accsess.log?”

Leave a Reply

Archives

Categories

Tulisan Terakhir

Komentar terakhir

Trackback terakhir