Forensic artifact extraction from squid3 proxy cache and secondary log sources.
- Parse headers and metadata from cached files residing in a squid
cache_dir - Parse metadata from binary cache index
cache_dir/swap.state - Parse secondary log data from squid
store.logfile
json and csv output is designed to be indexed by log aggregation storage & visualization utlities such as elasticseach/kibana. See squid-cache-extractor-logstash