Update to 2025-07-28 10:00

roles/squid/files/acl/software_various.domains

@@ -6,6 +6,7 @@ download.dokuwiki.org
 raw.githubusercontent.com
 objects.githubusercontent.com
 github-releases.githubusercontent.com
+release-assets.githubusercontent.com
 packagecloud.io
 .cloudfront.net
 packagist.org

roles/squid/templates/vector.yml

@@ -14,9 +14,12 @@ transforms:
     type: remap
     inputs: ["in_logs_squid"]
     source: |
+      .group = "proxy"
       if (.file == "/var/log/squid/access.log"){
         .squid = parse_grok!(
                    .message,
                    "%{HTTPDATE:timestamp}\\s+%{NUMBER:response_time} %{IPORHOST:src_ip} %{NOTSPACE:squid_request_status}/%{NUMBER:http_status_code} %{NUMBER:transfer_size} %{NOTSPACE:http_method} (%{URIPROTO:url_scheme}://)?(?<url_host>\\S+?)(:%{INT:url_port})?(/%{NOTSPACE:url_path})?\\s+%{NOTSPACE:client_identity}\\s+%{NOTSPACE:peer_code}/%{NOTSPACE:peerhost}\\s+%{NOTSPACE:content_type}"
                  )
+        .timestamp = parse_timestamp(del(.squid.timestamp), format: "%d/%h/%Y:%H:%M:%S %z") ?? now()
+        .service = "squid"
       }