Skip to main content

Varnish Logs Extraction Template

Log Type: Varnish

Template Description: Parsing the common fields in your Varnish log.

Sample Log:

101.92.120.16 - - [2017-07-13 21:10:59.586 +0000] "GET /_includes/wp/blog/wp-content/plugins/us/31063765-bpfull.phpi?&w=50&id=6&random=1331063765 HTTP/1.1" 304 5201 "http://search.yahoo.com/mobile/s?rew...0logs&pintl=en" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:23.0) Gecko/20131011 Firefox/23.0"

Parsing Rule:

parse regex "^(?<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"
| parse regex "(?<method>[A-Z]+)\s(?<url>\S+)\sHTTP/[\d\.]+\"\s(?<status_code>\d+)\s(?<size>[\d-]+)\s\"(?<referrer>.*?)\"\s\"(?<user_agent>.+?)\".*"

Resulting Fields:

FieldDescriptionExample
src_ipThe IP address of the client (remote host) which made the request to the server101.92.120.16
methodThe method used by the clientGET
urlThe resource requested by the client/_includes/wp/blog/wp-content/plugins/us/31063765-bpfull.phpi?&w=50&id=6&random=1331063765
status_codeThe status code that the server sends back to the client304
sizeThe size of the object returned to the client5201
referrerThe site that the client reports having been referred fromhttp://search.yahoo.com/mobile/s?rew...0logs&pintl=en
user_agentThe identifying information that the client browser reports about itselfMozilla/5.0 (Windows NT 6.1; Win64; x64; rv:23.0) Gecko/20131011 Firefox/23.0
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.