Skip to main content

Varnish Logs Extraction Template

Log Type: Varnish

Template Description: Parsing the common fields in your Varnish log.

Sample Log: - - [2017-07-13 21:10:59.586 +0000] "GET /_includes/wp/blog/wp-content/plugins/us/31063765-bpfull.phpi?&w=50&id=6&random=1331063765 HTTP/1.1" 304 5201 "" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:23.0) Gecko/20131011 Firefox/23.0"

Parsing Rule:

parse regex "^(?<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"
| parse regex "(?<method>[A-Z]+)\s(?<url>\S+)\sHTTP/[\d\.]+\"\s(?<status_code>\d+)\s(?<size>[\d-]+)\s\"(?<referrer>.*?)\"\s\"(?<user_agent>.+?)\".*"

Resulting Fields:

src_ipThe IP address of the client (remote host) which made the request to the server101.92.120.16
methodThe method used by the clientGET
urlThe resource requested by the client/_includes/wp/blog/wp-content/plugins/us/31063765-bpfull.phpi?&w=50&id=6&random=1331063765
status_codeThe status code that the server sends back to the client304
sizeThe size of the object returned to the client5201
referrerThe site that the client reports having been referred from
user_agentThe identifying information that the client browser reports about itselfMozilla/5.0 (Windows NT 6.1; Win64; x64; rv:23.0) Gecko/20131011 Firefox/23.0
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.