tech.safesquid.com

SafeSquid SWG Community Support
http://tech.safesquid.com/forum/

SafeSquid extended logging format

http://tech.safesquid.com/forum/viewtopic.php?f=56&t=95

Page 1 of 1

SafeSquid extended logging format

Posted: Fri Jun 28, 2019 12:33 pm
by rishipur
Hello,

As per https://www.safesquid.com/content-filte ... -analyzers page, the Extended format of logging is a mix of double-quotes, square-brackets and commas.

It is possible to standardize on just one way to logging? This will help us to build parsers for loggers like syslog-ng, Arcsight and Splunk.

Appreciate your help.

Regards,
Rishipur.

Re: SafeSquid extended logging format

Posted: Mon Jul 29, 2019 10:32 am
by samidha
Hello,

The link that you have Specified: https://www.safesquid.com/content-filte ... -analyzers
contains details about Old SafeSquid way of storing Extended logs

The new log format for Extended log looks like shown in the link over here :
https://docs.safesquid.com/wiki/Identif ... ailed_Logs

SafeSquid Extended log is Tab-Seperated-Values [TSV Format]
You can easily parse this to any log analyzer by providing delemeter as TAB
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/