SafeSquid extended logging format


As per … -analyzers page, the Extended format of logging is a mix of double-quotes, square-brackets and commas.

It is possible to standardize on just one way to logging? This will help us to build parsers for loggers like syslog-ng, Arcsight and Splunk.

Appreciate your help.


The link that you have Specified: … -analyzers
contains details about Old SafeSquid way of storing Extended logs

The new log format for Extended log looks like shown in the link over here : … ailed_Logs

SafeSquid Extended log is Tab-Seperated-Values [TSV Format]
You can easily parse this to any log analyzer by providing delemeter as TAB