Note  The logs_xml.config file ignores extra white space, blank lines, and all comments.

Field	Allowed Inputs
<Name = "valid_format_name"/>	Required. Valid format names include any name except squid, common, extended, or extended2, which are predefined formats. There is no default for this tag.
<Format = "valid_format_specification"/>	Required. A valid format specification is a printf-style string describing each log entry when formatted for ASCII output. Use "%<field>" as placeholders for valid field names. For more information, see Custom logging fields. The specified field can be of two types: Simple: for example, %<cqu> A field within a container, such as an HTTP header or a Content Gateway statistic. Fields of this type have the following syntax: %<{field}container>
<Interval = "aggregate_interval_secs"/>	Use this tag when the format contains aggregate operators. The value "aggregate_interval_secs" represents the number of seconds between individual aggregate values being produced. The valid set of aggregate operators are: COUNT SUM AVG FIRST LAST

Field	Allowed Inputs
<Name = "valid_filter_name"/>	Required. All filters must be uniquely named.
<Condition = "valid_log_field valid_operator valid_comparison_value"/>	Required. This field contains the following elements: valid_log_field is the field that will be compared against the given value. For more information, see Logging format cross-reference. valid_operator_field is any one of the following: MATCH, CASE_INSENSITIVE_MATCH, CONTAIN, CASE_INSENSITIVE_CONTAIN. MATCH is true if the field and value are identical (case sensitive). CASE_INSENSITIVE_MATCH is similar to MATCH, only case insensitive. CONTAIN is true if the field contains the value (the value is a substring of the field). CASE_INSENSITIVE_CONTAIN is a case-insensitive version of CONTAIN. valid_comparison_value - any string or integer matching the field type. For integer values, all of the operators are equivalent and mean that the field must be equal to the specified value. Note: There are no negative comparison operators. If you want to specify a negative condition, use the Action field to REJECT the record.
<Action = "valid_action_field"/>	Required. ACCEPT or REJECT. This instructs Content Gateway to either accept or reject records satisfying the condition of the filter.

Field	Allowed Inputs
<Format = "valid_format_name"/>	Required. Valid format names include the predefined logging formats: squid, common, extended, and extended2, as well as any previously-defined custom log formats. There is no default for this tag.
<Filename = "file_name"/>	Required. The filename to which the given log file is written. No local log file will be created if you fail to specify this tag. All filenames are relative to the default logging directory. If the name does not contain an extension (for example, "squid"), an extension is added: .log for ASCII logs or .blog for binary logs. (See <Mode = "valid_logging_mode"/> below.) If you do not want an extension to be added, end the filename with a single dot (.).
<Mode = "valid_logging_mode"/>	Valid logging modes include ascii, binary, and ascii_pipe. The default is ascii. Use ascii to create event log files in human-readable form (plain ASCII). Use binary to create event log files in binary format. Binary log files generate lower system overhead and occupy less space on the disk (depending on the information being logged). You must use the logcat utility to translate binary log files to ASCII format before you can read them. Use ascii_pipe to write log entries to a UNIX named pipe (a buffer in memory). Other processes can then read the data using standard I/O functions. Content Gateway does not have to write to disk, freeing disk space and bandwidth for other tasks. In addition, writing to a pipe does not stop when logging space is exhausted because the pipe does not use disk space. Note: If you are using a collation server, the log is written to a pipe on the collation server. A local pipe is created even before a transaction is processed so that you can see the pipe right after Content Gateway starts. However, pipes on a collation server are created when Content Gateway starts.
<Filters = "list_of_valid_filter_names"/>	A comma-separated list of names of any previously defined log filters. If more than one filter is specified, all filters must accept a record for the record to be logged.
<Protocols = "list_of_valid_protocols"/>	A comma-separated list of the protocols this object should log. Valid protocol names include HTTP.
<ServerHosts = "list_of_valid_servers"/>	A comma-separated list of valid hostnames.This tag indicates that only entries from the named servers will be included in the file.
<CollationHosts = "list_of_valid_hostnames"/>	A comma-separated list of collation servers to which all log entries (for this object) are forwarded. Collation servers can be specified by name or IP address. Specify the collation port with a colon after the name (for example, host:port).
<Header = "header"/>	The header text you want the log files to contain. The header text appears at the beginning of the log file, just before the first record.
<RollingEnabled = "truth value"/>	Enables or disables log file rolling for the LogObject. This setting overrides the value for the configuration setting Log Rolling: Enabled/Disabled in the Content Gateway manager or proxy.config.log2.rolling_enabled in the records.config file. Set "truth value" to 1 or true to enable rolling; set it to 0 or false to disable rolling for this particular LogObject.
<RollingIntervalSec = "seconds"/>	Specifies the seconds between log file rolling for the LogObject. This setting overrides the value for the configuration setting Log Rolling: Interval in the Content Gateway manager or proxy.config.log2.rolling_interval_sec in the records.config file. This option allows you to specify different rolling intervals for different LogObjects.
<RollingOffsetHr = "hour"/>	Specifies an hour (from 0 to 23) at which rolling is guaranteed to align. Rolling may start before then, but a rolled file will be produced only at that time. The impact of this setting is only noticeable if the rolling interval is larger than one hour. This setting overrides the configuration setting Log Rolling: Offset Hour in the Content Gateway manager or proxy.config.log2.rolling_offset_hr in the records.config file.

Note  When specifying the field in the filter condition, you can omit the %<>. This means that the following filter is equivalent to the example directly above: <LogFilter> <Name = "only_refresh_hits"/> <Action = "ACCEPT"/> <Condition = "pssc MATCH REFRESH_HIT"/> </LogFilter>