Sarg package for pfsense
-
Hi all,
I've just published sarg package for pfsense with squid,squidguard and dansguardian log Analysis as well real time report tab.
Squidguard functions are under devel yet but squid and dansguardians(as well as I tested) are working.
After almost everything done, I found an old sarg package published on forum by joaohf and merged some function calls from this old thread.
Another good point is that sarg is able to forward logs via email, so I'm planning to include it for nanobsd installs.
have fun and feedback! :)
att,
Marcello Coutinho
-
Excelent, thank you for your time to develop this package. I will test it today. ;D
Cheers!!
-
Another good point is that sarg is able to forward logs via email, so I'm planning to include it for nanobsd installs.
Hi Marcello,
Great job! Just wanted to ask about sending reports via email, you say you plan to included it in the nanobsd builds, will it also be included in the mainline? (or should it be already? i didn't see it.)
thanks and have a great day!
-g -
I didn't coded it yet, it's just plans for next release.
-
just some feed back, i realize you are not finished..
when i click on 'real time' tab and attempt to view realtime reports, I get a 404 - Not Found error at the bottom of the page.
-g
-
what log did you selected on sarg settings?
squidguard features are not finished yet. :(
-
great job marcelloc!!
Noticed a few things:
1: squid on my box is use path /var/squid/log, not /var/squid/logs.. Not sure why… but i corrected the path.. Think its because lightsquid was looking for /var/squid/log and the field for log location was removed from that package
2: there is no index page for reports... I reinstalled the package and binay... Now I get "php: /pkg_edit.php: The command '/usr/local/bin/sarg ' returned exit code '1', the output was 'SARG: Cannot set the locale LC_ALL to the environment variable'"
3: realtime doesn't work, 404 - Not Found
-
what log did you selected on sarg settings?
squidguard features are not finished yet. :(
it is squid I'm using Marcello, here is my config should it help you out. anything else you would like to see/try let me know.
[2.0.1-RELEASE][root@gw-master.foobar.com]/usr/local/etc/sarg(11): cat sarg.conf | sed -e '/^#/d' -e '/^$/d'
access_log /var/squid/logs/access.log
graphs yes
output_dir /usr/local/www/sarg-reports
anonymous_output_files no
resolve_ip no
user_ip no
topuser_sort_field BYTES NORMAL
user_sort_field BYTES NORMAL
exclude_users /usr/local/etc/sarg/exclude_users.conf
remove_temp_files yes
index yes
index_tree date
overwrite_report yes
use_comma yes
report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
usertab
long_url no
charset UTF-8
privacy no
dansguardian_conf
squidguard_conf
www_document_root /usr/local/www
realtime_refresh_time 0
realtime_types GET,PUT,CONNECT
realtime_unauthenticated_records show-g
-
Thanks cino and gwhynott for your feedback.
The realtime error is a missing file I've forgot to publish.
I'll do it today and also check better squid log option.
try to select both index options on sarg gui to see if it generate files correctly.
-
1: squid on my box is use path /var/squid/log, not /var/squid/logs.. Not sure why…
lightsquid did that. I think the package maintainer for lightsquid has since corrected it. I created a sym link so both locations work, try to keep everyone happy. 8)
-g
-
lightsquid did that. I think the package maintainer for lightsquid has since corrected it. I created a sym link so both locations work, try to keep everyone happy. 8)
Thanks for the note, I'll try to read it from squid xml info.
-
Thanks cino and gwhynott for your feedback.
The realtime error is a missing file I've forgot to publish.
I'll do it today and also check better squid log option.
try to select both index options on sarg gui to see if it generate files correctly.
thanks for quick reply! I couldn't Force Update Now but manually running the cron job '/usr/local/bin/php /usr/local/www/sarg.php 0' seem to create the pages.. I'll wait an hour and see what happens
Have to tweak some things now ;-) I like the idea you included commands to run after to rotate the logs… have to play around with this...
-
1: squid on my box is use path /var/squid/log, not /var/squid/logs.. Not sure why…
lightsquid did that. I think the package maintainer for lightsquid has since corrected it. I created a sym link so both locations work, try to keep everyone happy. 8)
-g
good to know! I may create a link myself
-
I've published missing file. :)
-
I should had just copied the file over… Some reason now, sarg.conf isn't updating. File is blank about package re-install
I need to do more testing. remove package, reboot box and install it again
edit: i manually created the sarg.conf file.... the realtime page doesn't return data but 'sarg -r' from the cmdline does
-
I did package reinstall.
I'll do some tests too. :(
-
Sorry cino, I've updated an old file and now template file is missing :P
Just wait the 15 minutes to reinstall.
-
yeaaaaa, thanks man I will tested, I have been use this package for a while but my install is manually, love it.
How difficult is to download the info in excel,cvs form?One client ask about before.
Thanks!!!
-
How difficult is to download the info in excel,cvs form?
If it's a built in sarg feature can be done but I saw only html, email or sql like reports.
-
Sarg 0.2 is out.
-
Sarg exclude lists options
-
bug fixes
-
gui improvements
-