Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
partisan422021-07-28 08:14:53
Squid
partisan42, 2021-07-28 08:14:53

Are there convenient squid log readers?

Good day to all. I ask for advice, maybe someone has already solved a similar problem?
There is a task: it is necessary to have information, what sites and pages on the network are visited by users? The key is the fact that you need to look not only for sites, but also for pages on these sites.
Example.
https://qna.habr.com/
https://www.google.com/
https://www.opennet.ru/
This is what the manager does not like. But... A

utility for tracking user activity in windows
https://www.google.com/search?q=nDPI&oq=nDPI&aqs=e...
https://www.opennet.ru/prog/info/3752 .shtml is
fine.
What has been done for this: CentOS7, squid, sarg are raised. Added "strip_query_terms off" parameter to squid.conf.
As a result, not all sites have a full url. As an example.

1627440748.901  86682 192.168.0.168 TCP_TUNNEL/200 6102 CONNECT azwcus1-client-s.gateway.messenger.live.com:443 - HIER_DIRECT/52.159.49.199 -
1627440748.955      0 192.168.0.194 TCP_MEM_HIT/200 4833 GET http://tile-service.weather.microsoft.com/ru-RU/livetile/preinstall? - HIER_NONE/- text/xml
1627440749.198  10025 192.168.0.200 TCP_TUNNEL/200 5775 CONNECT cdn01.nativeroll.tv:443 - HIER_DIRECT/92.223.99.99 -
1627440749.421   2843 192.168.0.200 TCP_TUNNEL/200 4711 CONNECT moe.video:443 - HIER_DIRECT/92.223.103.64 -
1627440749.515   3892 192.168.0.200 TCP_TUNNEL/200 4711 CONNECT moe.video:443 - HIER_DIRECT/92.223.103.64 -

Something tells me that this is related to https, but I'm afraid my knowledge is not enough to understand how to implement it correctly?
I would be very grateful if you poke your nose, what am I doing wrong, or show me the direction in which to dig?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
Dimonchik, 2021-07-28
@dimonchik2013

everything is so, https and is connected to
implement by replacing the certificate - this will quickly blur out workers and some sites (refuse to work)

Similar questions
P
partisan422021-07-29 08:15:41
Why might hostalias not work in SARG? 0Reply
M
Maxim2015-12-02 15:51:32
How to correctly specify a rule in squid? 1Reply
A
Anton Pashchenko2020-05-28 17:19:00
How to make distribution of AD users on freebsd proxy through different channels depending on the group? 1Reply
B
Bobur Bakhritdinov2016-01-19 07:51:48
Squid to block sites to increase traffic is it real? 3Reply
D
dexedex2016-01-22 07:46:49
How to configure Squid3 and tproxy in non-transparent mode? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question