This repository has been archived by the owner on Dec 22, 2019. It is now read-only.

Squid Cache Extractor

Forensic artifact extraction from squid3 proxy cache and secondary log sources.

  • Parse headers and metadata from cached files residing in a squid cache_dir
  • Parse metadata from binary cache index cache_dir/swap.state
  • Parse secondary log data from squid store.log file

Usage

Dependencies

Functions

cache-extractor

parse-swap-state

parse-store-log

Output

JSON and CSV output is designed to be indexed by log aggregation, storage & visualization utilities such as Elasticsearch/Kibana. See squid-cache-extractor-logstash.
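
As an added illustration of the store.log parsing and JSON output described above (this is not code from this repository), the sketch below turns store.log lines into JSON-ready records and maps each swap file number to its path inside the cache_dir. It assumes the squid 3 store.log field order and a ufs/aufs cache_dir with the default L1=16, L2=256 layout; the function names and sample lines are made up for the example.

```python
import json
from datetime import datetime, timezone

# Field order of a squid 3 store.log line; "sizes" is expected-len/real-len.
FIELDS = ("time", "action", "dir", "fileno", "hash", "status", "date",
          "lastmod", "expires", "type", "sizes", "method", "url")

def _ts(value):
    """Epoch seconds to ISO 8601 UTC; squid logs -1 when the header is absent."""
    n = float(value)
    return None if n < 0 else datetime.fromtimestamp(n, timezone.utc).isoformat()

def ufs_path(fileno, l1=16, l2=256):
    """Swap file path relative to a ufs/aufs cache_dir (L1=16, L2=256 assumed)."""
    return "%02X/%02X/%08X" % ((fileno // l2 // l2) % l1, (fileno // l2) % l2, fileno)

def parse_store_log_line(line):
    """Return one store.log entry as a JSON-ready dict, or None if malformed."""
    parts = line.split(None, len(FIELDS) - 1)  # URL is the last field; keep it whole
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    try:
        expected, real = rec["sizes"].split("/")
        fileno = int(rec["fileno"], 16)
        # dir -1 with fileno FFFFFFFF means the object has no file in a cache_dir
        on_disk = rec["dir"] != "-1" and fileno != 0xFFFFFFFF
        return {
            "timestamp": _ts(rec["time"]), "action": rec["action"],
            "swap_dir": int(rec["dir"]),
            "swap_file": ufs_path(fileno) if on_disk else None,
            "key": rec["hash"], "status": int(rec["status"]),
            "date": _ts(rec["date"]), "last_modified": _ts(rec["lastmod"]),
            "expires": _ts(rec["expires"]), "content_type": rec["type"],
            "expected_len": int(expected), "real_len": int(real),
            "method": rec["method"], "url": rec["url"].strip(),
        }
    except ValueError:  # non-numeric field or missing "/" in sizes
        return None

def parse_store_log(text):
    return [r for r in map(parse_store_log_line, text.splitlines()) if r]

# Constructed sample lines, not taken from a real proxy; the last one is truncated.
SAMPLE = """\
1323468268.676 SWAPOUT 00 0000012C 6F9C0F5D5C8E0F5A3B4E6D7C8A9B0C1D  200 1323468268 1323400000 1323554668 text/html 1234/1234 GET http://example.com/index.html
1323468270.101 RELEASE -1 FFFFFFFF 0A1B2C3D4E5F60718293A4B5C6D7E8F9  304 1323468270        -1        -1 unknown -1/0 GET http://example.com/logo.png
1323468271.000 SWAPOUT 00 truncated
"""
if __name__ == "__main__":
    print("\n".join(json.dumps(e) for e in parse_store_log(SAMPLE)))
```

The `swap_file` value lets an examiner tie a SWAPOUT entry to the cached object on disk; lines that do not match the layout are dropped rather than partially parsed.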