Squid Proxy Sever View logs / log files

Q. How do I view squid proxy server log files under CentOS Linux server 5.0?

A. squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, squid handles all requests in a single, non-blocking, I/O-driven process.

/var/log/squid/ log file directory

The logs are a valuable source of information about Squid workloads and performance. The logs record not only access information, but also system configuration errors and resource consumption (eg, memory, disk space). There are several log file maintained by Squid. Some have to be explicitely activated during compile time, others can safely be deactivated during.

  • /var/log/squid/access.log : Most log file analysis program are based on the entries in access.log. You can use this file to find out who is using squid server and what they are doing etc
  • /var/log/squid/cache.log : The cache.log file contains the debug and error messages that Squid generates. If you start your Squid using the default RunCache script, or start it with the -s command line option, a copy of certain messages will go into your syslog facilities. It is a matter of personal preferences to use a separate file for the squid log data.
  • /var/log/squid/store.log : The store.log file covers the objects currently kept on disk or removed ones. As a kind of transaction log it is ususally used for debugging purposes. A definitive statement, whether an object resides on your disks is only possible after analysing the complete log file. The release (deletion) of an object may be logged at a later time than the swap out (save to disk).

How do I view Squid Log files / logs?

You can use standard UNIX / Linux command such as grep / tail to view log files. You must login as root or sudo command to view log files.

Display log files in real time

Use tail command as follows:
# tail -f /var/log/squid/access.log
$ sudo tail -f /var/log/squid/access.log

Search log files

Use grep command as follows:
grep 'string-to-search' /var/log/squid/access.log

View log files

Finally you can use text editor such as vi to view log files:
# vi /var/log/squid/access.log

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 24 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
24 comments… add one
  • goose Oct 17, 2007 @ 13:56

    this rokes

  • WebTenet Jan 10, 2008 @ 20:39

    When squid is running if a log file is opened using vi, will it lock the file and cause problem with squid?

  • 🐧 nixCraft Jan 11, 2008 @ 2:34


    Noop, it will keep log in the message

  • Pradeep Singh Apr 28, 2008 @ 6:56

    hi ,
    i m a new squid user, i m getting all d loged in information of users through psacct services n various commands, but what i m really searching 4 is the particular users downloaded dat information while using services of internet via SQUID server, please help me out with dis .

    thanking in advance
    Pradeep Singh

  • V.Balaviswanathan May 5, 2009 @ 12:49

    Thanks for this information… Cool one, and I have a doubt in this that if we need to browse something that is in the blocked list,I often need to delete that entry in that list. Is the any other way i can do this without deleting the entry in the file squidblock.acl , can we access those sites which are blocked….

  • rey May 23, 2009 @ 22:56

    Hello all, I have configure a squid at ubuntu, for 3 or 4 days it works perfect, but after that it dont work any more, it give many errors at the log file
    ie: TCP_MISS/504
    TCP_MISS/302 and others

    but I discover that if I make a request to the squit proxy using IP and not the domain name it works

    so if I need to navigate on google.com the squit don’t work, but the google IP are (one of them) if I put it works, I like to know why this is happening, what can be wrong at my squid.conf file ?.

    thanks for any help in advance

  • mezgani Jul 27, 2009 @ 5:23
  • candice Nov 17, 2009 @ 10:32

    i go t clarendon college school and need a proxy website or something that i can get on to go on facebook.

  • raMiz Jan 8, 2010 @ 8:07

    plz tell mee….

    how to maintain users downloaded information at server’s side………. in a wire less network….

    in detail ……. im doing a pjct on this…

  • Thomas Conor Jun 23, 2010 @ 7:12

    This is how we get the time stamp corrected
    perl -pe ‘s/[\d\.]+/localtime($&)/e’ /var/log/squid/access.log > /tmp/access.log

  • Live Jul 15, 2010 @ 7:48

    OK this is what I do,

    tail -f /var/log/squid/access.log | grep [ipaddress_of_a_client_workstation]

    Then it only shows the webpages that client_workstation is accessing, this is good for client surveillance.

    How can I save this to a file? I mean, if I’m not in the office, the Proxy should save the addresses that client went throughout the day. And I review them at night.

    How do you do that? Thanks.

  • Rakesh Ray Oct 7, 2010 @ 7:41

    is there any log maintained for the EMail access through squid. if yes where it get the email id and access time??????

  • John Mar 20, 2011 @ 4:17

    Is there any way to find a few ip addresses in a few logfiles and append it to a output file?

  • John Mar 20, 2011 @ 4:18

    Is there anyway to find a few ip addresses in a different log files and append it to another file?


  • mukeshchaudhary Jun 19, 2011 @ 6:30

    plzzz. can anyone let me know except proxy what are the other work of squid on linux server………….

    Thanks and Regards

    Mukesh Chaudhary

    • Vkram Jun 20, 2011 @ 8:37

      You can block Websites, Block downloading, Restrict users to internet, Make users Authenticate to use internet, Surveillance the users net using, In short you can control internet using at every side.

  • mukesh chaudhary Jun 21, 2011 @ 2:50

    thax vikrm!

  • sathish Nov 26, 2011 @ 12:39

    Hi i need a script to generate the report from the squid log file which should display the ip of the visitor. web response sites accessed and denied,etc.

  • damha May 8, 2012 @ 18:38

    Is there GUI live monitoring tool for squid ?
    something like bandwidthsplitter for ISA server .

  • paulob Aug 29, 2012 @ 21:39

    i get squidview and will do some tests,actualy if i need make a check in a users, do something like:
    tail -f /var/log/squid/access.log |grep ‘username’
    or to print only desired columns
    tail -f /var/log/squid/access.log | awk ‘{print $3,$5,$7}’

  • nikunj Dec 12, 2012 @ 8:42

    hi guys
    i have a squid server on ubuntu 11.10 and i want to view proxy access log file day vais how to do plas tell me ok

  • Mprem Aug 26, 2013 @ 7:55

    can anybody help to make squid gud speed.

    iam having solaris oracle 11 and squid proxy server 3.1

    plz help me out
    to save my position


  • gaurav lohani Feb 11, 2014 @ 15:14

    I want to know the data log of users by squid. the data which is downloaded by users.

  • Satish Mar 12, 2015 @ 5:04

    We have enabled squid proxy server and I want to capture the logs in different place for now it is /var/squid/log I want to capture it in different file system.

    How do I do that ? thanks

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum