Refine your search:

Report of sites visited by user (squid)

0

I have Splunk on both of my Squid proxies forwarding the access.log to our main Splunk installation. How would I create a report of distinct domains visited by user?

asked 02 Jun '10, 18:51

srich's gravatar image

srich
49115
accept rate: 0%

One Answer:
oldestnewestmost voted
1

You should be able to do something like this:

host=squid* source=*access.log | stats count by domain, user

Or another possible grouping would be like:

host=squid* source=*access.log | stats count, values(domain) as domains by user
link

answered 02 Jun '10, 21:13

Lowell's gravatar image

Lowell ♦
9.6k637
accept rate: 40%

Post your answer
toggle preview

Follow this question

Log In to enable email subscriptions

RSS:

Answers

Answers + Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×104

Asked: 02 Jun '10, 18:51

Seen: 1,696 times

Last updated: 02 Jun '10, 21:13

Related questions

Splunk Web login user IP address correlation?

Slow search for squid for a 30 days report

Create a custom web page for the Splunk web server to host

How to build a Browsing Report per User?

New user - trying to work out a report

squid and ips logs OR squid and webseal log compare

Minimal user capabilities for generating PDF email report?

How to Disable Splunk from contacting ANY remote sites

Copyright © 2005-2012 Splunk, Inc. All rights reserved.