By default, squid uses UTC in its timestamps in its various logs (access.log, store.log, cache.log). Although there are many tools to covert UTC into a human readable format – its not always practical when running a grep over your logs for troubleshooting.<\/p>\n
In order to change this simply add the following line to your squid conf (make sure to remove or comment any exting entries)<\/p>\n
The new log youtput will produce something like this:<\/p>\n Her is a list of the format codes:<\/p>\n %\ta literal % character Use the squid documentary to apply your needs to the logfile:<\/p>\nlogformat squid %tl.%03tu %6tr %>a %Ss\/%03Hs %<\/code><\/p>\n26\/Oct\/2010:15:38:46 +0200.538 4787 y.y.y.y TCP_MISS\/200 41841 GET http:\/\/robinward.com\/ - DIRECT\/x.x.x.x text\/html<\/code><\/p>\n
\n>a\tClient source IP address
\n>A\tClient FQDN
\n>p\tClient source port
\nla\tLocal IP address (http_port)
\nlp\tLocal port number (http_port)
\nsn\tUnique sequence number per log line entry
\nts\tSeconds since epoch
\ntu\tsubsecond time (milliseconds)
\ntl\tLocal time. Optional strftime format argument
\ndefault %d\/%b\/%Y:%H:%M:%S %z
\ntg\tGMT time. Optional strftime format argument
\ndefault %d\/%b\/%Y:%H:%M:%S %z
\ntr\tResponse time (milliseconds)
\ndt\tTotal time spent making DNS lookups (milliseconds)\n<\/p><\/blockquote>\n