12 lines
518 B
Plaintext
12 lines
518 B
Plaintext
[PARSER]
|
|
Name squid_parser
|
|
Format regex
|
|
# Regex adapted to the real log format (with User-Agent in quotes)
|
|
Regex ^(?<time>\S+)\s+(?<client_ip>\S+)\s+(?<status_code>\S+)\s+(?<response_size>\S+)\s+(?<method>\S+)\s+(?<url>\S+)\s+"(?<user_agent>[^"]*)"$
|
|
# Indicates which field contains the timestamp
|
|
Time_Key time
|
|
# Indicates the time format (Unix timestamp with milliseconds)
|
|
Time_Format %s.%L
|
|
# Automatically converts types
|
|
Types response_size:integer
|