Configuring Squid to not log TCP connections (lots of "error:transaction-end-before-headers" showing up in logs)
We run Squid proxies in GCP, and are in the process of migrating from CentOS 7 to 8. I'm working on using the GCP Internal L4 load balancer to improve redundancy/failover, and have configured a basic TCP healthcheck which is working fine.
However, it looks like Squid version 4 logs TCP connections. So, every 10 seconds I get 3 entries added to /var/log/squid/access.log:
1618013711.836 0 35.191.10.117 NONE/000 0 NONE error:transaction-end-before-headers - HIER_NONE/- -
1618013712.256 0 35.191.9.223 NONE/000 0 NONE error:transaction-end-before-headers - HIER_NONE/- -
1618013712.484 0 35.191.10.121 NONE/000 0 NONE error:transaction-end-before-headers - HIER_NONE/- -
This would generate 25,920 lines a day of logs, which I'd like to avoid. Is there a way to configure Squid to not do this? The default squid.conf file didn't have much as far as documentation/explanation.
Solution 1:
According to Squid ACL documentation you can try to add the following ACL in your Squid config:
acl hasRequest has request
Then log those transactions that have request:
access_log /var/log/squid/access.log hasRequest
Or exclude all without request:
access_log none !hasRequest