Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SARG + E2guardian

    Scheduled Pinned Locked Moved Portuguese
    40 Posts 8 Posters 7.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcellocM
      marcelloc @jdsonc
      last edited by

      @jdsonc said in SARG + E2guardian:

      Acabei de verificar, eu criei um agendamento a cada 30m, isso era as 8:00, em seguida ele ja atualizou e parou novamente. O servidor não foi reiniciado nesse meio tempo, é batata, é criar outro agendamento e volta a atualizar os logs, mas depois para novamente.

      Antes de reaplicar o agendamento, consegue copiar o sarg.conf e comparar após salvar novamente as configurações?

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      G 1 Reply Last reply Reply Quote 0
      • G
        ghislenidroid @marcelloc
        last edited by

        @marcelloc

        Olha o meu sarg.conf antes de apagar o agendamento.

        code
        # sarg.conf
        #
        # TAG:  access_log file
        #       Where is the access.log
        #       sarg -l file
        #
        access_log 
        
        # TAG: graphs yes|no
        #	Use graphics where possible.
        #           graph_days_bytes_bar_color blue|green|yellow|orange|brown|red
        #
        graphs yes
        #graph_days_bytes_bar_color orange
        
        # TAG:  graph_font
        #       The full path to the TTF font file to use to create the graphs. It is required
        #       if graphs is set to yes.
        #
        #graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
        
        # TAG:	title
        # 	Specify the title for html page.
        #
        #title "Squid User Access Reports"
        title "E2guardian User Access Reports"
        # TAG:	font_face
        # 	Specify the font for html page.
        #
        #font_face Tahoma,Verdana,Arial
        
        # TAG:	header_color
        # 	Specify the header color
        #
        #header_color darkblue
        
        # TAG:	header_bgcolor
        # 	Specify the header bgcolor
        #
        #header_bgcolor blanchedalmond
        
        # TAG:	font_size
        # 	Specify the text font size
        #
        #font_size 9px
        
        # TAG:	header_font_size
        # 	Specify the header font size
        #
        #header_font_size 9px
        
        # TAG:	title_font_size
        # 	Specify the title font size
        #
        #title_font_size 11px
        
        # TAG:	background_color
        # TAG:	background_color
        #	Html page background color
        #
        # background_color white
        
        # TAG:	text_color
        #	Html page text color
        #
        #text_color #000000
        
        # TAG:	text_bgcolor
        #	Html page text background color
        #
        #text_bgcolor lavender
        
        # TAG:	title_color
        #	Html page title color
        #
        #title_color green
        
        # TAG:	logo_image
        #	Html page logo.
        #
        #logo_image none
        
        # TAG:	logo_text
        #	Html page logo text.
        #
        #logo_text ""
        
        # TAG:	logo_text_color
        #	Html page logo texti color.
        #
        #logo_text_color #000000
        
        # TAG:	logo_image_size
        #	Html page logo image size.
        #       width height
        #
        #image_size 80 45
        
        # TAG:	background_image
        #	Html page background image
        #
        #background_image none
        
        # TAG:  password
        #       User password file used by Squid authentication scheme
        #       If used, generate reports just for those users.
        #
        #password none
        
        # TAG:  temporary_dir
        #       Temporary directory name for work files
        #       sarg -w dir
        #
        #temporary_dir /tmp
        
        # TAG:  output_dir
        #       The reports will be saved in that directory
        #       sarg -o dir
        #
        output_dir /usr/local/sarg-reports
        
        # TAG:  anonymous_output_files yes/no
        #       Use anonymous file and directory names in the report. If it is set to
        #       no (the default), the user ID/IP/name is slightly mangled to create a
        #       suitable file name to store the report of the user but the user's
        #       identity can easily be guessed from the mangled name. If this option is
        #       set, any file or directory belonging to the user is replaced by a short
        #       number.  The purpose is to hide the identity of the user when looking
        #       at the report file names but it may serve to shorten the path too.
        #
        anonymous_output_files no
        
        # TAG:  output_email
        #       Email address to send the reports. If you use this tag, no html reports will be generated.
        #       sarg -e email
        #
        #output_email none
        
        # TAG:  resolve_ip yes/no
        #       Convert IP address to DNS name
        #       sarg -n
        resolve_ip no
        
        # TAG:  user_ip yes/no
        #       Use IP address instead of userid in reports.
        #       sarg -p
        user_ip no
        
        # TAG:  topuser_sort_field field normal/reverse
        #       Sort field for the Topuser Report.
        #       Allowed fields: USER CONNECT BYTES TIME
        #
        topuser_sort_field BYTES normal
        
        # TAG:  user_sort_field field normal/reverse
        #       Sort field for the User Report.
        #       Allowed fields: SITE CONNECT BYTES TIME
        #
        user_sort_field BYTES normal
        
        # TAG:  exclude_users file
        #       users within the file will be excluded from reports.
        #       You can use indexonly to have only index.html file.
        #
        exclude_users /usr/local/etc/sarg/exclude_users.conf
        
        # TAG:  exclude_hosts file
        #       Hosts, domains or subnets will be excluded from reports.
        #
        #       Eg.: 192.168.10.10 - exclude this IP address only
        #            192.168.10.0/24 - exclude entire subnet
        #            host1.example.com - exclude this hostname only
        #            *.example.com - exclude entire domain
        #
        exclude_hosts /usr/local/etc/sarg/exclude_hosts.conf
        
        # TAG:  useragent_log file
        #       useragent.log file path to generate useragent report.
        #
        #useragent_log none
        
        # TAG:  date_format
        #       Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww)
        #
        #date_format u
        date_format u
        
        # TAG:  per_user_limit file MB
        #       Saves userid on file if download exceed n MB.
        #       This option allows you to disable user access if user exceeds a download limit.
        #
        #per_user_limit none
        
        # TAG: lastlog n
        #      How many reports files will be kept in reports directory.
        #      The oldest report file will be automatically removed.
        #      0 - no limit.
        #
        #lastlog 0
        lastlog 0
        
        # TAG: remove_temp_files yes
        #      Remove temporary files from root report directory.
        #
        remove_temp_files yes
        
        # TAG: index yes|no|only
        #      Generate the main index.html.
        #      only - generate only the main index.html
        #
        index yes
        
        # TAG: index_tree date|file
        #      How to generate the index.
        #
        index_tree file
        
        # TAG: index_fields
        #      The columns to show in the index of the reports
        #      Columns are: dirsize
        #
        #index_fields dirsize
        
        # TAG: overwrite_report yes|no
        #      yes - if report date already exist it will be overwrited.
        #       no - if report date already exist it will be renamed to filename.n, filename.n+1
        #
        overwrite_report yes
        
        # TAG: records_without_userid ignore|ip|everybody
        #      What can I do with records without user id (no authentication) in access.log file ?
        #
        #      ignore - This record will be ignored.
        #          ip - Use IP address instead. (default)
        #   everybody - Use "everybody" instead.
        #
        #records_without_userid ip
        
        # TAG: use_comma no|yes
        #      Use comma instead of dot in reports.
        #      Eg.: use_comma yes => 23,450,110
        #           use_comma no  => 23.450.110
        #
        use_comma yes
        
        # TAG: mail_utility
        #      Mail command to use to send reports via SMTP. Sarg calls it like this:
        #         mail_utility -s "SARG report, date" "output_email" <"mail_content"
        #
        #      Therefore, it is possible to add more arguments to the command by specifying them
        #      here.
        #
        #      If you need too, you can use a shell script to process the content of /dev/stdin
        #      (/dev/stdin is the mail_content passed by Sarg to the script) and call whatever
        #      command you like. It is not limited to mailing the report via SMTP.
        #
        #      Don't forget to quote the command if necessary (i.e. if the path contains
        #      characters that must be quoted).
        #
        #mail_utility mailx
        
        # TAG: topsites_num n
        #      How many sites in topsites report.
        #
        #topsites_num 100
        
        # TAG: topsites_sort_order CONNECT|BYTES|TIME A|D
        #      Sort for topsites report, where A=Ascending, D=Descending
        #
        #topsites_sort_order CONNECT D
        
        # TAG: index_sort_order A/D
        #      Sort for index.html, where A=Ascending, D=Descending
        #
        #index_sort_order D
        
        # TAG: exclude_codes file
        #      Ignore records with these Squid return codes. Eg.: NONE/400
        #      Write one code per line. Lines starting with a # are ignored.
        #      Only codes matching exactly one of the line is rejected. The
        #      comparison is not case sensitive.
        #
        exclude_codes /usr/local/etc/sarg/exclude_codes
        
        # TAG: replace_index string
        #      Replace "index.html" in the main index file with this string
        #      If null, "index.html" is used
        #
        #replace_index <?php echo str_replace(".", "_", ); echo ".html"; ?>
        
        # TAG: max_elapsed milliseconds
        #      If elapsed time recorded in log is greater than max_elapsed, use 0 for elapsed time.
        #      Use 0 for no checking
        #
        #max_elapsed 28800000
        # 8 Hours
        max_elapsed 0
        
        # TAG: report_type type
        #      What kind of reports to generate.
        #      topusers            - users, sites, times, bytes, connects, links to accessed sites, etc.
        #      topsites		   - site, connect and bytes report
        #      sites_users	   - users and sites report
        #      users_sites	   - accessed sites by the user report
        #      date_time	   - bytes used per day and hour report
        #      denied		   - denied sites with full URL report
        #      auth_failures       - autentication failures report
        #      site_user_time_date - sites, dates, times and bytes report
        #      downloads           - downloads per user report
        #
        #      Eg.: report_type topsites denied
        #
        #report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
        report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
        
        # TAG: usertab filename
        #      You can change the "userid" or the "IP address" to be a real user name on the reports.
        #      If resolve_ip is active, the IP address is resolved before being looked up in this
        #      file. That is, if you want to map the ip address, be sure to set resolve_ip to no or
        #      the resolved name will be looked up in the file instead of the IP address. Note that
        #      it can be used to resolve any IP address known to the DNS and then map the unresolved
        #      IP addresses to a name found in the usertab file.
        #      Table syntax:
        # 		userid name   or   ip address name
        #      Eg:
        #		SirIsaac Isaac Newton
        #		vinci Leonardo da Vinci
        #		192.168.10.1 Karol Wojtyla
        #
        #      Each line must be terminated with '\ n'
        #      If usertab is set to value "ldap" (case ignored), user names
        #      will be taken from LDAP server. Use this method to obtain usernames
        #      LDAP / Active Directory.
        #
        #usertab none
        usertab none
        
        # TAG: LDAPHost hostname
        #	FQDN or IP address of host with LDAP service or AD DC
        #	default is '127.0.0.1'
        #LDAPHost 127.0.0.1
        
        
        # TAG: LDAPPort port
        #       LDAP service port number
        #	default is '389'
        #LDAPPort 389
        
        
        # TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
        #	DN of the LDAP user who is authorized to the search the LDAP database
        #	default is empty line
        #LDAPBindDN cn=proxy,dc=mydomain,dc=local
        
        
        # TAG: LDAPBindPW secret
        #	Password for LDAPBindDN specified above.
        #	default is empty line
        #LDAPBindPW secret
        
        
        # TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
        #	LDAP search base DN. The search base is the place in the hierarchical LDAP structure
        #       where the search for user accounts starts.
        #	default is empty line
        #LDAPBaseSearch ou=users,dc=mydomain,dc=local
        
        
        # TAG: LDAPFilterSearch (uid=%s)
        #	Use this to filter the user login entries to be returned for a search operation in LDAP.
        #	First founded record will be used
        #	%s - will be changed to userlogins from access.log file
        #       Search filter string can have up to 5 '%s' tags.
        #	default value is '(uid=%s)'
        #LDAPFilterSearch (uid=%s)
        
        
        # TAG: LDAPTargetAttr attributename
        #	Name of the attribute containing the login name of the user.
        #	default value is 'cn'
        #LDAPTargetAttr cn
        
        
        # TAG: long_url yes|no
        #      If yes, the full url is showed in report.
        #      If no, only the site will be showed
        #
        #      YES option generate very big sort files and reports.
        #
        long_url no
        
        # TAG: date_time_by bytes|elap
        #      Date/Time reports show the downloaded volume or the elapsed time or both.
        #
        #date_time_by bytes
        date_time_by bytes
        
        # TAG: charset name
        #      ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
        #      graphic character sets for writing in alphabetic languages
        #      You can use the following charsets:
        #		Latin1 		- West European
        #		Latin2 		- Central and East European
        #		Latin3 		- Southeast European
        #		Latin4 		- Scandinavian/Baltic
        #		Cyrillic
        #		Arabic
        #		Greek
        #		Hebrew
        #		Latin5 		- Turkish
        #		Latin6          - Lappish/Nordic/Eskimo
        #		Windows-1251
        #		Japan
        #		Koi8-r
        #		UTF-8
        #
        #charset Latin1
        charset Windows-1251
        
        # TAG: user_invalid_char "&/"
        #      Records that contain invalid characters in userid will be ignored by Sarg.
        #
        #user_invalid_char "&/"
        
        # TAG: privacy yes|no
        #      privacy_string "***.***.***.***"
        #      privacy_string_color blue
        #      In some countries the sysadm cannot see the visited sites by a restrictive law.
        #      Using privacy 'yes', the visited url will be changes by privacy_string and the link
        #      will be removed from reports.
        #
        privacy no
        #privacy_string "***.***.***.***"
        #privacy_string_color blue
        
        # TAG: include_users "user1:user2:...:usern"
        #      Reports will be generated only for listed users.
        #
        #include_users none
        
        
        # TAG: exclude_string "string1:string2:...:stringn"
        #      Records from access.log file that contain one of listed strings will be ignored.
        #
        #exclude_string none
        exclude_string "e2gerror.php:[inet"
        # TAG: show_successful_message yes|no
        #      Shows "Successful report generated on dir" at end of process.
        #
        #show_successful_message yes
        
        # TAG: show_read_statistics yes|no
        #      Shows some reading statistics.
        #
        #show_read_statistics yes
        
        # TAG: topuser_fields
        #      Which fields must be in Topuser report.
        #
        #topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
        
        # TAG: user_report_fields
        #      Which fields must be in User report.
        #
        #user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
        
        # TAG: bytes_in_sites_users_report yes|no
        #      Bytes field must be in Site & Users Report ?
        #
        #bytes_in_sites_users_report no
        bytes_in_sites_users_report no
        
        # TAG: topuser_num n
        #      How many users in topsites report. 0 = no limit
        #
        #topuser_num 0
        topuser_num 0
        
        # TAG: datafile file
        #      Save the report results in a file to populate some database
        #
        #datafile none
        
        # TAG: datafile_delimiter "	"
        #      ascii character to use as a field separator in datafile
        #
        #datafile_delimiter ""
        
        # TAG: datafile_fields all
        #      Which data fields must be in datafile
        #      user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
        #
        #datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
        
        
        # TAG: datafile_url ip|name
        #      Saves the URL as IP or name in datafile
        #
        #datafile_url ip
        
        # TAG: weekdays
        #      The weekdays to take into account ( Sunday->0, Saturday->6 )
        # Example:
        #weekdays 1-3,5
        # Default:
        #weekdays 0-6
        
        # TAG: hours
        #      The hours to take into account
        # Example:
        #hours 7-12,14,16,18-20
        # Default:
        #hours 0-23
        
        # TAG: dansguardian_conf file
        #      DansGuardian.conf file path
        #      Generate reports from DansGuardian logs.
        #      Use 'none' to disable it.
        #      dansguardian_conf /usr/dansguardian/dansguardian.conf
        #
        dansguardian_conf 
        
        # TAG: dansguardian_filter_out_date on|off
        #      This option replaces dansguardian_ignore_date (its name was not appropriate with respect to its action).
        #      Note the change of parameter value compared to the old option.
        #      'off' use the record even if its date is outside of the range found in the input log file.
        #      'on'  use the record only if its date is in the range found in the input log file.
        #
        dansguardian_filter_out_date on
        
        # TAG: squidguard_conf file
        #      path to squidGuard.conf file
        #      Generate reports from SquidGuard logs.
        #      Use 'none' to disable.
        #      You can use sarg -L filename to use an alternate squidGuard log.
        #      squidguard_conf /usr/local/squidGuard/squidGuard.conf
        #
        squidguard_conf none
        
        # TAG: redirector_log file
        #      The location of the web proxy redirector log, such as one created by squidGuard or Rejik. The option
        #      may be repeated up to 64 times to read multiple files.
        #      If this option is specified, it takes precedence over squidguard_conf.
        #      The command line option -L override this option.
        #
        #redirector_log /usr/local/squidGuard/var/logs/urls.log
        
        # TAG: redirector_filter_out_date on|off
        #      This option replaces squidguard_ignore_date and redirector_ignore_date (their names were not
        #      appropriate with respect to their actions).
        #      Note the change of parameter value compared to the old options.
        #      'off' use the record even if its date is outside of the range found in the input log file.
        #      'on'  use the record only if its date is in the range found in the input log file.
        #
        #redirector_filter_out_date on
        
        # TAG: redirector_log_format
        #      Format string for web proxy redirector logs.
        #      This option was named squidguard_log_format before Sarg 2.3.
        #      REJIK       #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
        #      SQUIDGUARD  #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
        #redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
        
        # TAG: show_sarg_info yes|no
        #      shows Sarg information and site path on each report bottom
        #
        show_sarg_info no
        
        # TAG: show_sarg_logo yes|no
        #      shows Sarg logo
        #
        show_sarg_logo no
        
        # TAG: parsed_output_log directory
        #      Saves the processed log in a Sarg format after parsing the squid log file.
        #      This is a way to dump all of the data structures out, after parsing from
        #      the logs (presumably this data will be much smaller than the log files themselves),
        #      and pull them back in for later processing and merging with data from previous logs.
        #
        #parsed_output_log none
        
        # TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
        #      Command to run to compress sarg parsed output log. It may contain
        #      options (such as -f to overwrite existing target file). The name of
        #      the file to compresse is provided at the end of this
        #      command line. Don't forget to quote things appropriately.
        #
        #parsed_output_log_compress /bin/gzip
        
        # TAG: displayed_values bytes|abbreviation
        #      how the values will be displayed in reports.
        #      eg. bytes  	-  209.526
        #          abbreviation -  210K
        #
        #displayed_values bytes
        displayed_values bytes
        
        # Report limits
        # TAG: authfail_report_limit n
        # TAG: denied_report_limit n
        # TAG: siteusers_report_limit n
        # TAG: squidguard_report_limit n
        # TAG: user_report_limit n
        # TAG: dansguardian_report_limit n
        # TAG: download_report_limit n
        #      report limits (lines).
        #      '0' no limit
        #
        #authfail_report_limit 10
        authfail_report_limit 0
        #denied_report_limit 10
        denied_report_limit 0
        #siteusers_report_limit 0
        #squidguard_report_limit 10
        #dansguardian_report_limit 10
        #user_report_limit 10
        #user_report_limit 50
        siteusers_report_limit 0
        user_report_limit 0
        dansguardian_report_limit 0
        
        
        # TAG: www_document_root dir
        #     Where is your Web DocumentRoot
        #     Sarg will create sarg-php directory with some PHP modules:
        #     - sarg-squidguard-block.php - add urls from user reports to squidGuard DB
        #
        #www_document_root /var/www/html
        www_document_root /usr/local/www
        
        # TAG: block_it module_url
        #     This tag allows you to pass urls from user reports to a cgi or php module,
        #     to be blocked by some Squid acl.
        #
        #     Eg.: block_it /sarg-php/sarg-block-it.php
        #     sarg-block-it is a php that will append a url to a flat file.
        #     You must change /var/www/html/sarg-php/sarg-block-it to point to your file
        #     in  variable, and chown to the httpd owner.
        #
        #     Sarg will pass http://module_url?url=url
        #
        #block_it none
        
        # TAG: external_css_file path
        #     Provide the path to an external CSS file to link into the HTML reports instead of
        #     the inline CSS written by sarg when this option is not set.
        #
        #     In versions prior to 2.3, this used to be an absolute file name to
        #     a file to include verbatim in each HTML page but, as it takes a lot of
        #     space, version 2.3 switched to a link to an external CSS file.
        #     Therefore, this option must contain the HTTP server path on which a client
        #     browser may find the CSS file.
        #
        #     Sarg use theses style classes:
        #	.logo		logo class
        #	.info		sarg information class, align=center
        #	.title_c	title class, align=center
        #	.header_c	header class, align:center
        #	.header_l	header class, align:left
        #	.header_r	header class, align:right
        #	.text		text class, align:right
        #	.data		table text class, align:right
        #	.data2		table text class, align:left
        #	.data3		table text class, align:center
        #	.link  		link class
        #
        #     Sarg can be instructed to output the internal CSS it inline
        #     into the reports with this command:
        #
        #        sarg --css
        #
        #     You can redirect the output to a file of your choice and edit
        #     it to your liking.
        #
        #external_css_file none
        # TAG: user_authentication yes|no
        #     Allow user authentication in User Reports using .htaccess
        #     Parameters:
        #	AuthUserTemplateFile - The template to use to create the
        #     .htaccess file. In the template, %u is replaced by the
        #     user's ID for which the report is generated. The path of the
        #     template is relative to the directory containing sarg
        #     configuration file.
        #
        # user_authentication no
        # AuthUserTemplateFile sarg_htaccess
        
        # TAG: download_suffix "suffix,suffix,...,suffix"
        #    file suffix to be considered as "download" in Download report.
        #    Use 'none' to disable.
        #
        #download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
        
        # TAG: ulimit n
        #    The maximum number of open file descriptors to avoid "Too many open files" error message.
        #    You need to run Sarg as root to use ulimit tag.
        #    If you run Sarg with a low privilege user, set to 'none' to disable ulimit
        #
        #ulimit 20000
        
        # TAG: ntlm_user_format username|domainname+username
        #      NTLM users format.
        #
        #ntlm_user_format domainname+username
        ntlm_user_format user
        
        # TAG: realtime_refresh_time num sec
        #      How many seconds between auto refresh of the realtime report.
        #      0 = disable
        #
        realtime_refresh_time 0
        
        # TAG: realtime_access_log_lines num
        #      How many last lines to get from access.log file
        #
        # realtime_access_log_lines 1000
        
        # TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST
        #      Which records must be in realtime report.
        #
        realtime_types GET,PUT,CONNECT
        
        # TAG: realtime_unauthenticated_records: ignore|show
        #      What to do with unauthenticated records in realtime report.
        #
        # 
        realtime_unauthenticated_records show
        
        # TAG: byte_cost value no_cost_limit
        #      Cost per byte.
        #      Eg. byte_cost 0.01 100000000
        #           per byte cost      = 0.01
        #           bytes with no cost = 100 Mb
        #      0 = disable
        #
        # byte_cost 0.01 50000000
        
        # TAG: squid24 on|off
        #      Compatilibity with squid version <= 2.4 when using emulate_http_log on
        #
        # squid24 off
        
        # TAG: sorttable path
        #      The path to a javascript script to dynamically sort the tables.
        #      The path is the link a browser must follow to find the script. For instance,
        #      it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script
        #      is at the root of your web site.
        #
        #      If the path starts with "../" then it is assumed to be a relative
        #      path and Sarg adds as many "../" as necessary to locate the js script from
        #      the output directory. Therefore, ../../sorttable.js links to the javascript
        #      one level above output_dir.
        #
        #      If this entry is set, each sortable table will have the "sortable" class set.
        #      You may have a look at http://www.kryogenix.org/code/browser/sorttable/
        #      for the implementation on which Sarg is based.
        #
        sorttable /sarg_sorttable.js
        
        # TAG: hostalias
        #      The name of a text file containing the host names (one per line) and the
        #      optional alias to use in the report instead of that host name.
        #      Host names may contain up to one wildcard denoted by a *. The wildcard
        #      must not be at the end of the host name.
        #      The host name may be followed by an optional alias; if no alias is provided,
        #      the host name, including the wildcard, replaces any matching host name found
        #      in the log.
        #      Host names replaced by identical aliases are grouped together in the
        #      reports.
        #      IP addresses are supported and accept the CIDR notation both for IPv4 and
        #      IPv6 addresses.
        #
        #      Example:
        #      *.gstatic.com
        #      mt*.google.com
        #      *.myphone.microsoft.com
        #      *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure
        #      *.freeav.net antivirus:freeav
        #      *.mail.live.com
        #      65.52.00.00/14 *.mail.live.com
        hostalias /usr/local/etc/sarg/hostalias
        
        1 Reply Last reply Reply Quote 0
        • marcellocM
          marcelloc
          last edited by

          consegue comparar com o gerado depois?

          Treinamentos de Elite: http://sys-squad.com

          Help a community developer! ;D

          G 1 Reply Last reply Reply Quote 0
          • J
            jdsonc
            last edited by marcelloc

            Depois do agendamento....
            Amanha dando erro eu posto......

            # sarg.conf
            #
            # TAG:  access_log file
            #       Where is the access.log
            #       sarg -l file
            #
            access_log /var/log/e2guardian/access.log
            
            # TAG: graphs yes|no
            #       Use graphics where possible.
            #           graph_days_bytes_bar_color blue|green|yellow|orange|brown|red
            #
            graphs yes
            #graph_days_bytes_bar_color orange
            
            # TAG:  graph_font
            #       The full path to the TTF font file to use to create the graphs. It is required
            #       if graphs is set to yes.
            #
            #graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
            
            # TAG:  title
            #       Specify the title for html page.
            #
            #title "Squid User Access Reports"
            title "E2guardian User Access Reports"
            # TAG:  font_face
            #       Specify the font for html page.
            #
            #font_face Tahoma,Verdana,Arial
            
            # TAG:  header_color
            #       Specify the header color
            #
            #header_color darkblue
            
            # TAG:  header_bgcolor
            #       Specify the header bgcolor
            #
            #header_bgcolor blanchedalmond
            
            # TAG:  font_size
            #       Specify the text font size
            #
            #font_size 9px
            
            # TAG:  header_font_size
            #       Specify the header font size
            #
            #header_font_size 9px
            
            # TAG:  title_font_size
            #       Specify the title font size
            #
            #title_font_size 11px
            
            # TAG:  background_color
            # TAG:  background_color
            #       Html page background color
            #
            # background_color white
            
            # TAG:  text_color
            #       Html page text color
            #
            #text_color #000000
            
            # TAG:  text_bgcolor
            #       Html page text background color
            #
            #text_bgcolor lavender
            
            # TAG:  title_color
            #       Html page title color
            #
            #title_color green
            
            # TAG:  logo_image
            #       Html page logo.
            #
            #logo_image none
            
            # TAG:  logo_text
            #       Html page logo text.
            #
            #logo_text ""
            
            # TAG:  logo_text_color
            #       Html page logo texti color.
            #
            #logo_text_color #000000
            
            # TAG:  logo_image_size
            #       Html page logo image size.
            #       width height
            #
            #image_size 80 45
            
            # TAG:  background_image
            #       Html page background image
            #
            #background_image none
            
            # TAG:  password
            #       User password file used by Squid authentication scheme
            #       If used, generate reports just for those users.
            #
            #password none
            
            # TAG:  temporary_dir
            #       Temporary directory name for work files
            #       sarg -w dir
            #
            #temporary_dir /tmp
            
            # TAG:  output_dir
            #       The reports will be saved in that directory
            #       sarg -o dir
            #
            output_dir /usr/local/sarg-reports
            
            # TAG:  anonymous_output_files yes/no
            #       Use anonymous file and directory names in the report. If it is set to
            #       no (the default), the user ID/IP/name is slightly mangled to create a
            #       suitable file name to store the report of the user but the user's
            #       identity can easily be guessed from the mangled name. If this option is
            #       set, any file or directory belonging to the user is replaced by a short
            #       number.  The purpose is to hide the identity of the user when looking
            #       at the report file names but it may serve to shorten the path too.
            #
            anonymous_output_files no
            
            # TAG:  output_email
            #       Email address to send the reports. If you use this tag, no html reports will be generated.
            #       sarg -e email
            #
            #output_email none
            
            # TAG:  resolve_ip yes/no
            #       Convert IP address to DNS name
            #       sarg -n
            resolve_ip no
            
            # TAG:  user_ip yes/no
            #       Use IP address instead of userid in reports.
            #       sarg -p
            user_ip no
            
            # TAG:  topuser_sort_field field normal/reverse
            #       Sort field for the Topuser Report.
            #       Allowed fields: USER CONNECT BYTES TIME
            #
            topuser_sort_field BYTES normal
            
            # TAG:  user_sort_field field normal/reverse
            #       Sort field for the User Report.
            #       Allowed fields: SITE CONNECT BYTES TIME
            #
            user_sort_field BYTES normal
            
            # TAG:  exclude_users file
            #       users within the file will be excluded from reports.
            #       You can use indexonly to have only index.html file.
            #
            exclude_users /usr/local/etc/sarg/exclude_users.conf
            
            # TAG:  exclude_hosts file
            #       Hosts, domains or subnets will be excluded from reports.
            #
            #       Eg.: 192.168.10.10 - exclude this IP address only
            #            192.168.10.0/24 - exclude entire subnet
            #            host1.example.com - exclude this hostname only
            #            *.example.com - exclude entire domain
            #
            exclude_hosts /usr/local/etc/sarg/exclude_hosts.conf
            
            # TAG:  useragent_log file
            #       useragent.log file path to generate useragent report.
            #
            #useragent_log none
            
            # TAG:  date_format
            #       Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww)
            #
            #date_format u
            date_format u
            
            # TAG:  per_user_limit file MB
            #       Saves userid on file if download exceed n MB.
            #       This option allows you to disable user access if user exceeds a download limit.
            #
            #per_user_limit none
            
            # TAG: lastlog n
            #      How many reports files will be kept in reports directory.
            #      The oldest report file will be automatically removed.
            #      0 - no limit.
            #
            #lastlog 0
            lastlog 0
            
            # TAG: remove_temp_files yes
            #      Remove temporary files from root report directory.
            #
            remove_temp_files yes
            
            # TAG: index yes|no|only
            #      Generate the main index.html.
            #      only - generate only the main index.html
            #
            index yes
            
            # TAG: index_tree date|file
            #      How to generate the index.
            #
            index_tree file
            
            # TAG: index_fields
            #      The columns to show in the index of the reports
            #      Columns are: dirsize
            #
            #index_fields dirsize
            
            # TAG: overwrite_report yes|no
            #      yes - if report date already exist it will be overwrited.
            #       no - if report date already exist it will be renamed to filename.n, filename.n+1
            #
            overwrite_report yes
            
            # TAG: records_without_userid ignore|ip|everybody
            #      What can I do with records without user id (no authentication) in access.log file ?
            #
            #      ignore - This record will be ignored.
            #          ip - Use IP address instead. (default)
            #   everybody - Use "everybody" instead.
            #
            #records_without_userid ip
            
            # TAG: use_comma no|yes
            #      Use comma instead of dot in reports.
            #      Eg.: use_comma yes => 23,450,110
            #           use_comma no  => 23.450.110
            #
            use_comma yes
            
            # TAG: mail_utility
            #      Mail command to use to send reports via SMTP. Sarg calls it like this:
            #         mail_utility -s "SARG report, date" "output_email" <"mail_content"
            #
            #      Therefore, it is possible to add more arguments to the command by specifying them
            #      here.
            #
            #      If you need too, you can use a shell script to process the content of /dev/stdin
            #      (/dev/stdin is the mail_content passed by Sarg to the script) and call whatever
            #      command you like. It is not limited to mailing the report via SMTP.
            #
            #      Don't forget to quote the command if necessary (i.e. if the path contains
            #      characters that must be quoted).
            #
            #mail_utility mailx
            
            # TAG: topsites_num n
            #      How many sites in topsites report.
            #
            #topsites_num 100
            
            # TAG: topsites_sort_order CONNECT|BYTES|TIME A|D
            #      Sort for topsites report, where A=Ascending, D=Descending
            #
            #topsites_sort_order CONNECT D
            
            # TAG: index_sort_order A/D
            #      Sort for index.html, where A=Ascending, D=Descending
            #
            #index_sort_order D
            
            # TAG: exclude_codes file
            #      Ignore records with these Squid return codes. Eg.: NONE/400
            #      Write one code per line. Lines starting with a # are ignored.
            #      Only codes matching exactly one of the line is rejected. The
            #      comparison is not case sensitive.
            #
            exclude_codes /usr/local/etc/sarg/exclude_codes
            
            # TAG: replace_index string
            #      Replace "index.html" in the main index file with this string
            #      If null, "index.html" is used
            #
            #replace_index <?php echo str_replace(".", "_", ); echo ".html"; ?>
            
            # TAG: max_elapsed milliseconds
            #      If elapsed time recorded in log is greater than max_elapsed, use 0 for elapsed time.
            #      Use 0 for no checking
            #
            #max_elapsed 28800000
            # 8 Hours
            max_elapsed 0
            
            # TAG: report_type type
            #      What kind of reports to generate.
            #      topusers            - users, sites, times, bytes, connects, links to accessed sites, etc.
            #      topsites            - site, connect and bytes report
            #      sites_users         - users and sites report
            #      users_sites         - accessed sites by the user report
            #      date_time           - bytes used per day and hour report
            #      denied              - denied sites with full URL report
            #      auth_failures       - autentication failures report
            #      site_user_time_date - sites, dates, times and bytes report
            #      downloads           - downloads per user report
            #
            #      Eg.: report_type topsites denied
            #
            #report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
            report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
            
            # TAG: usertab filename
            #      You can change the "userid" or the "IP address" to be a real user name on the reports.
            #      If resolve_ip is active, the IP address is resolved before being looked up in this
            #      file. That is, if you want to map the ip address, be sure to set resolve_ip to no or
            #      the resolved name will be looked up in the file instead of the IP address. Note that
            #      it can be used to resolve any IP address known to the DNS and then map the unresolved
            #      IP addresses to a name found in the usertab file.
            #      Table syntax:
            #               userid name   or   ip address name
            #      Eg:
            #               SirIsaac Isaac Newton
            #               vinci Leonardo da Vinci
            #               192.168.10.1 Karol Wojtyla
            #
            #      Each line must be terminated with '\ n'
            #      If usertab is set to value "ldap" (case ignored), user names
            #      will be taken from LDAP server. Use this method to obtain usernames
            #      LDAP / Active Directory.
            #
            #usertab none
            usertab none
            
            # TAG: LDAPHost hostname
            #       FQDN or IP address of host with LDAP service or AD DC
            #       default is '127.0.0.1'
            #LDAPHost 127.0.0.1
            
            
            # TAG: LDAPPort port
            #       LDAP service port number
            #       default is '389'
            #LDAPPort 389
            
            
            # TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
            #       DN of the LDAP user who is authorized to the search the LDAP database
            #       default is empty line
            #LDAPBindDN cn=proxy,dc=mydomain,dc=local
            
            
            # TAG: LDAPBindPW secret
            #       Password for LDAPBindDN specified above.
            #       default is empty line
            #LDAPBindPW secret
            
            
            # TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
            #       LDAP search base DN. The search base is the place in the hierarchical LDAP structure
            #       where the search for user accounts starts.
            #       default is empty line
            #LDAPBaseSearch ou=users,dc=mydomain,dc=local
            
            
            # TAG: LDAPFilterSearch (uid=%s)
            #       Use this to filter the user login entries to be returned for a search operation in LDAP.
            #       First founded record will be used
            #       %s - will be changed to userlogins from access.log file
            #       Search filter string can have up to 5 '%s' tags.
            #       default value is '(uid=%s)'
            #LDAPFilterSearch (uid=%s)
            
            
            # TAG: LDAPTargetAttr attributename
            #       Name of the attribute containing the login name of the user.
            #       default value is 'cn'
            #LDAPTargetAttr cn
            
            
            # TAG: long_url yes|no
            #      If yes, the full url is showed in report.
            #      If no, only the site will be showed
            #
            #      YES option generate very big sort files and reports.
            #
            long_url no
            
            # TAG: date_time_by bytes|elap
            #      Date/Time reports show the downloaded volume or the elapsed time or both.
            #
            #date_time_by bytes
            date_time_by bytes
            
            # TAG: charset name
            #      ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
            #      graphic character sets for writing in alphabetic languages
            #      You can use the following charsets:
            #               Latin1          - West European
            #               Latin2          - Central and East European
            #               Latin3          - Southeast European
            #               Latin4          - Scandinavian/Baltic
            #               Cyrillic
            #               Arabic
            #               Greek
            #               Hebrew
            #               Latin5          - Turkish
            #               Latin6          - Lappish/Nordic/Eskimo
            #               Windows-1251
            #               Japan
            #               Koi8-r
            #               UTF-8
            #
            #charset Latin1
            charset UTF-8
            
            # TAG: user_invalid_char "&/"
            #      Records that contain invalid characters in userid will be ignored by Sarg.
            #
            #user_invalid_char "&/"
            
            # TAG: privacy yes|no
            #      privacy_string "***.***.***.***"
            #      privacy_string_color blue
            #      In some countries the sysadm cannot see the visited sites by a restrictive law.
            #      Using privacy 'yes', the visited url will be changes by privacy_string and the link
            #      will be removed from reports.
            #
            privacy no
            #privacy_string "***.***.***.***"
            #privacy_string_color blue
            
            # TAG: include_users "user1:user2:...:usern"
            #      Reports will be generated only for listed users.
            #
            #include_users none
            
            
            # TAG: exclude_string "string1:string2:...:stringn"
            #      Records from access.log file that contain one of listed strings will be ignored.
            #
            #exclude_string none
            exclude_string "e2gerror.php:[inet"
            # TAG: show_successful_message yes|no
            #      Shows "Successful report generated on dir" at end of process.
            #
            #show_successful_message yes
            
            # TAG: show_read_statistics yes|no
            #      Shows some reading statistics.
            #
            #show_read_statistics yes
            
            # TAG: topuser_fields
            #      Which fields must be in Topuser report.
            #
            #topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
            
            # TAG: user_report_fields
            #      Which fields must be in User report.
            #
            #user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
            
            # TAG: bytes_in_sites_users_report yes|no
            #      Bytes field must be in Site & Users Report ?
            #
            #bytes_in_sites_users_report no
            bytes_in_sites_users_report no
            
            # TAG: topuser_num n
            #      How many users in topsites report. 0 = no limit
            #
            #topuser_num 0
            topuser_num 0
            
            # TAG: datafile file
            #      Save the report results in a file to populate some database
            #
            #datafile none
            
            # TAG: datafile_delimiter "     "
            #      ascii character to use as a field separator in datafile
            #
            #datafile_delimiter ""
            
            # TAG: datafile_fields all
            #      Which data fields must be in datafile
            #      user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
            #
            #datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
            
            
            # TAG: datafile_url ip|name
            #      Saves the URL as IP or name in datafile
            #
            #datafile_url ip
            
            # TAG: weekdays
            #      The weekdays to take into account ( Sunday->0, Saturday->6 )
            # Example:
            #weekdays 1-3,5
            # Default:
            #weekdays 0-6
            
            # TAG: hours
            #      The hours to take into account
            # Example:
            #hours 7-12,14,16,18-20
            # Default:
            #hours 0-23
            
            # TAG: dansguardian_conf file
            #      DansGuardian.conf file path
            #      Generate reports from DansGuardian logs.
            #      Use 'none' to disable it.
            #      dansguardian_conf /usr/dansguardian/dansguardian.conf
            #
            dansguardian_conf /usr/local/etc/e2guardian/e2guardian.conf
            
            # TAG: dansguardian_filter_out_date on|off
            #      This option replaces dansguardian_ignore_date (its name was not appropriate with respect to its action).
            #      Note the change of parameter value compared to the old option.
            #      'off' use the record even if its date is outside of the range found in the input log file.
            #      'on'  use the record only if its date is in the range found in the input log file.
            #
            dansguardian_filter_out_date on
            
            # TAG: squidguard_conf file
            #      path to squidGuard.conf file
            #      Generate reports from SquidGuard logs.
            #      Use 'none' to disable.
            #      You can use sarg -L filename to use an alternate squidGuard log.
            #      squidguard_conf /usr/local/squidGuard/squidGuard.conf
            #
            squidguard_conf none
            
            # TAG: redirector_log file
            #      The location of the web proxy redirector log, such as one created by squidGuard or Rejik. The option
            #      may be repeated up to 64 times to read multiple files.
            #      If this option is specified, it takes precedence over squidguard_conf.
            #      The command line option -L override this option.
            #
            #redirector_log /usr/local/squidGuard/var/logs/urls.log
            
            # TAG: redirector_filter_out_date on|off
            #      This option replaces squidguard_ignore_date and redirector_ignore_date (their names were not
            #      appropriate with respect to their actions).
            #      Note the change of parameter value compared to the old options.
            #      'off' use the record even if its date is outside of the range found in the input log file.
            #      'on'  use the record only if its date is in the range found in the input log file.
            #
            #redirector_filter_out_date on
            
            # TAG: redirector_log_format
            #      Format string for web proxy redirector logs.
            #      This option was named squidguard_log_format before Sarg 2.3.
            #      REJIK       #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
            #      SQUIDGUARD  #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
            #redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
            
            # TAG: show_sarg_info yes|no
            #      shows Sarg information and site path on each report bottom
            #
            show_sarg_info no
            
            # TAG: show_sarg_logo yes|no
            #      shows Sarg logo
            #
            show_sarg_logo no
            
            # TAG: parsed_output_log directory
            #      Saves the processed log in a Sarg format after parsing the squid log file.
            #      This is a way to dump all of the data structures out, after parsing from
            #      the logs (presumably this data will be much smaller than the log files themselves),
            #      and pull them back in for later processing and merging with data from previous logs.
            #
            #parsed_output_log none
            
            # TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
            #      Command to run to compress sarg parsed output log. It may contain
            #      options (such as -f to overwrite existing target file). The name of
            #      the file to compresse is provided at the end of this
            #      command line. Don't forget to quote things appropriately.
            #
            #parsed_output_log_compress /bin/gzip
            
            # TAG: displayed_values bytes|abbreviation
            #      how the values will be displayed in reports.
            #      eg. bytes        -  209.526
            #          abbreviation -  210K
            #
            #displayed_values bytes
            displayed_values bytes
            
            # Report limits
            # TAG: authfail_report_limit n
            # TAG: denied_report_limit n
            # TAG: siteusers_report_limit n
            # TAG: squidguard_report_limit n
            # TAG: user_report_limit n
            # TAG: dansguardian_report_limit n
            # TAG: download_report_limit n
            #      report limits (lines).
            #      '0' no limit
            #
            #authfail_report_limit 10
            authfail_report_limit 0
            #denied_report_limit 10
            denied_report_limit 0
            #siteusers_report_limit 0
            #squidguard_report_limit 10
            #dansguardian_report_limit 10
            #user_report_limit 10
            #user_report_limit 50
            siteusers_report_limit 0
            user_report_limit 0
            dansguardian_report_limit 0
            
            
            # TAG: www_document_root dir
            #     Where is your Web DocumentRoot
            #     Sarg will create sarg-php directory with some PHP modules:
            #     - sarg-squidguard-block.php - add urls from user reports to squidGuard DB
            #
            #www_document_root /var/www/html
            www_document_root /usr/local/www
            
            # TAG: block_it module_url
            #     This tag allows you to pass urls from user reports to a cgi or php module,
            #     to be blocked by some Squid acl.
            #
            #     Eg.: block_it /sarg-php/sarg-block-it.php
            #     sarg-block-it is a php that will append a url to a flat file.
            #     You must change /var/www/html/sarg-php/sarg-block-it to point to your file
            #     in  variable, and chown to the httpd owner.
            #
            #     Sarg will pass http://module_url?url=url
            #
            #block_it none
            
            # TAG: external_css_file path
            #     Provide the path to an external CSS file to link into the HTML reports instead of
            #     the inline CSS written by sarg when this option is not set.
            #
            #     In versions prior to 2.3, this used to be an absolute file name to
            #     a file to include verbatim in each HTML page but, as it takes a lot of
            #     space, version 2.3 switched to a link to an external CSS file.
            #     Therefore, this option must contain the HTTP server path on which a client
            #     browser may find the CSS file.
            #
            #     Sarg use theses style classes:
            #       .logo           logo class
            #       .info           sarg information class, align=center
            #       .title_c        title class, align=center
            #       .header_c       header class, align:center
            #       .header_l       header class, align:left
            #       .header_r       header class, align:right
            #       .text           text class, align:right
            #       .data           table text class, align:right
            #       .data2          table text class, align:left
            #       .data3          table text class, align:center
            #       .link           link class
            #
            #     Sarg can be instructed to output the internal CSS it inline
            #     into the reports with this command:
            #
            #        sarg --css
            #
            #     You can redirect the output to a file of your choice and edit
            #     it to your liking.
            #
            #external_css_file none
            # TAG: user_authentication yes|no
            #     Allow user authentication in User Reports using .htaccess
            #     Parameters:
            #       AuthUserTemplateFile - The template to use to create the
            #     .htaccess file. In the template, %u is replaced by the
            #     user's ID for which the report is generated. The path of the
            #     template is relative to the directory containing sarg
            #     configuration file.
            #
            # user_authentication no
            # AuthUserTemplateFile sarg_htaccess
            
            # TAG: download_suffix "suffix,suffix,...,suffix"
            #    file suffix to be considered as "download" in Download report.
            #    Use 'none' to disable.
            #
            #download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
            
            # TAG: ulimit n
            #    The maximum number of open file descriptors to avoid "Too many open files" error message.
            #    You need to run Sarg as root to use ulimit tag.
            #    If you run Sarg with a low privilege user, set to 'none' to disable ulimit
            #
            #ulimit 20000
            
            # TAG: ntlm_user_format username|domainname+username
            #      NTLM users format.
            #
            #ntlm_user_format domainname+username
            ntlm_user_format domainname+username
            
            # TAG: realtime_refresh_time num sec
            #      How many seconds between auto refresh of the realtime report.
            #      0 = disable
            #
            realtime_refresh_time 0
            
            # TAG: realtime_access_log_lines num
            #      How many last lines to get from access.log file
            #
            # realtime_access_log_lines 1000
            
            # TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST
            #      Which records must be in realtime report.
            #
            realtime_types GET,PUT,CONNECT
            
            # TAG: realtime_unauthenticated_records: ignore|show
            #      What to do with unauthenticated records in realtime report.
            #
            #
            realtime_unauthenticated_records show
            
            # TAG: byte_cost value no_cost_limit
            #      Cost per byte.
            #      Eg. byte_cost 0.01 100000000
            #           per byte cost      = 0.01
            #           bytes with no cost = 100 Mb
            #      0 = disable
            #
            # byte_cost 0.01 50000000
            
            # TAG: squid24 on|off
            #      Compatilibity with squid version <= 2.4 when using emulate_http_log on
            #
            # squid24 off
            
            # TAG: sorttable path
            #      The path to a javascript script to dynamically sort the tables.
            #      The path is the link a browser must follow to find the script. For instance,
            #      it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script
            #      is at the root of your web site.
            #
            #      If the path starts with "../" then it is assumed to be a relative
            #      path and Sarg adds as many "../" as necessary to locate the js script from
            #      the output directory. Therefore, ../../sorttable.js links to the javascript
            #      one level above output_dir.
            #
            #      If this entry is set, each sortable table will have the "sortable" class set.
            #      You may have a look at http://www.kryogenix.org/code/browser/sorttable/
            #      for the implementation on which Sarg is based.
            #
            sorttable /sarg_sorttable.js
            
            # TAG: hostalias
            #      The name of a text file containing the host names (one per line) and the
            #      optional alias to use in the report instead of that host name.
            #      Host names may contain up to one wildcard denoted by a *. The wildcard
            #      must not be at the end of the host name.
            #      The host name may be followed by an optional alias; if no alias is provided,
            #      the host name, including the wildcard, replaces any matching host name found
            #      in the log.
            #      Host names replaced by identical aliases are grouped together in the
            #      reports.
            #      IP addresses are supported and accept the CIDR notation both for IPv4 and
            #      IPv6 addresses.
            #
            #      Example:
            #      *.gstatic.com
            #      mt*.google.com
            #      *.myphone.microsoft.com
            #      *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure
            #      *.freeav.net antivirus:freeav
            #      *.mail.live.com
            #      65.52.00.00/14 *.mail.live.com
            
            1 Reply Last reply Reply Quote 0
            • G
              ghislenidroid @marcelloc
              last edited by

              @marcelloc
              Apaguei o agendamento, informei os mesmos parametros.

              Comparando os arquivos a principio não identifiquei diferenças.
              Local do arquivo: /usr/local/etc/sarg/sarg.conf

              1 Reply Last reply Reply Quote 0
              • J
                jdsonc
                last edited by marcelloc

                Segue o arquivo antes de aplicar o agendamento.

                # sarg.conf
                #
                # TAG:  access_log file
                #       Where is the access.log
                #       sarg -l file
                #
                access_log
                
                # TAG: graphs yes|no
                #       Use graphics where possible.
                #           graph_days_bytes_bar_color blue|green|yellow|orange|brown|red
                #
                graphs yes
                #graph_days_bytes_bar_color orange
                
                # TAG:  graph_font
                #       The full path to the TTF font file to use to create the graphs. It is required
                #       if graphs is set to yes.
                #
                #graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
                
                # TAG:  title
                #       Specify the title for html page.
                #
                #title "Squid User Access Reports"
                title "E2guardian User Access Reports"
                # TAG:  font_face
                #       Specify the font for html page.
                #
                #font_face Tahoma,Verdana,Arial
                
                # TAG:  header_color
                #       Specify the header color
                #
                #header_color darkblue
                
                # TAG:  header_bgcolor
                #       Specify the header bgcolor
                #
                #header_bgcolor blanchedalmond
                
                # TAG:  font_size
                #       Specify the text font size
                #
                #font_size 9px
                
                # TAG:  header_font_size
                #       Specify the header font size
                #
                #header_font_size 9px
                
                # TAG:  title_font_size
                #       Specify the title font size
                #
                #title_font_size 11px
                
                # TAG:  background_color
                # TAG:  background_color
                #       Html page background color
                #
                # background_color white
                
                # TAG:  text_color
                #       Html page text color
                #
                #text_color #000000
                
                # TAG:  text_bgcolor
                #       Html page text background color
                #
                #text_bgcolor lavender
                
                # TAG:  title_color
                #       Html page title color
                #
                #title_color green
                
                # TAG:  logo_image
                #       Html page logo.
                #
                #logo_image none
                
                # TAG:  logo_text
                #       Html page logo text.
                #
                #logo_text ""
                
                # TAG:  logo_text_color
                #       Html page logo texti color.
                #
                #logo_text_color #000000
                
                # TAG:  logo_image_size
                #       Html page logo image size.
                #       width height
                #
                #image_size 80 45
                
                # TAG:  background_image
                #       Html page background image
                #
                #background_image none
                
                # TAG:  password
                #       User password file used by Squid authentication scheme
                #       If used, generate reports just for those users.
                #
                #password none
                
                # TAG:  temporary_dir
                #       Temporary directory name for work files
                #       sarg -w dir
                #
                #temporary_dir /tmp
                
                # TAG:  output_dir
                #       The reports will be saved in that directory
                #       sarg -o dir
                #
                output_dir /usr/local/sarg-reports
                
                # TAG:  anonymous_output_files yes/no
                #       Use anonymous file and directory names in the report. If it is set to
                #       no (the default), the user ID/IP/name is slightly mangled to create a
                #       suitable file name to store the report of the user but the user's
                #       identity can easily be guessed from the mangled name. If this option is
                #       set, any file or directory belonging to the user is replaced by a short
                #       number.  The purpose is to hide the identity of the user when looking
                #       at the report file names but it may serve to shorten the path too.
                #
                anonymous_output_files no
                
                # TAG:  output_email
                #       Email address to send the reports. If you use this tag, no html reports will be generated.
                #       sarg -e email
                #
                #output_email none
                
                # TAG:  resolve_ip yes/no
                #       Convert IP address to DNS name
                #       sarg -n
                resolve_ip no
                
                # TAG:  user_ip yes/no
                #       Use IP address instead of userid in reports.
                #       sarg -p
                user_ip no
                
                # TAG:  topuser_sort_field field normal/reverse
                #       Sort field for the Topuser Report.
                #       Allowed fields: USER CONNECT BYTES TIME
                #
                topuser_sort_field BYTES normal
                
                # TAG:  user_sort_field field normal/reverse
                #       Sort field for the User Report.
                #       Allowed fields: SITE CONNECT BYTES TIME
                #
                user_sort_field BYTES normal
                
                # TAG:  exclude_users file
                #       users within the file will be excluded from reports.
                #       You can use indexonly to have only index.html file.
                #
                exclude_users /usr/local/etc/sarg/exclude_users.conf
                
                # TAG:  exclude_hosts file
                #       Hosts, domains or subnets will be excluded from reports.
                #
                #       Eg.: 192.168.10.10 - exclude this IP address only
                #            192.168.10.0/24 - exclude entire subnet
                #            host1.example.com - exclude this hostname only
                #            *.example.com - exclude entire domain
                #
                exclude_hosts /usr/local/etc/sarg/exclude_hosts.conf
                
                # TAG:  useragent_log file
                #       useragent.log file path to generate useragent report.
                #
                #useragent_log none
                
                # TAG:  date_format
                #       Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww)
                #
                #date_format u
                date_format u
                
                # TAG:  per_user_limit file MB
                #       Saves userid on file if download exceed n MB.
                #       This option allows you to disable user access if user exceeds a download limit.
                #
                #per_user_limit none
                
                # TAG: lastlog n
                #      How many reports files will be kept in reports directory.
                #      The oldest report file will be automatically removed.
                #      0 - no limit.
                #
                #lastlog 0
                lastlog 0
                
                # TAG: remove_temp_files yes
                #      Remove temporary files from root report directory.
                #
                remove_temp_files yes
                
                # TAG: index yes|no|only
                #      Generate the main index.html.
                #      only - generate only the main index.html
                #
                index yes
                
                # TAG: index_tree date|file
                #      How to generate the index.
                #
                index_tree file
                
                # TAG: index_fields
                #      The columns to show in the index of the reports
                #      Columns are: dirsize
                #
                #index_fields dirsize
                
                # TAG: overwrite_report yes|no
                #      yes - if report date already exist it will be overwrited.
                #       no - if report date already exist it will be renamed to filename.n, filename.n+1
                #
                overwrite_report yes
                
                # TAG: records_without_userid ignore|ip|everybody
                #      What can I do with records without user id (no authentication) in access.log file ?
                #
                #      ignore - This record will be ignored.
                #          ip - Use IP address instead. (default)
                #   everybody - Use "everybody" instead.
                #
                #records_without_userid ip
                
                # TAG: use_comma no|yes
                #      Use comma instead of dot in reports.
                #      Eg.: use_comma yes => 23,450,110
                #           use_comma no  => 23.450.110
                #
                use_comma yes
                
                # TAG: mail_utility
                #      Mail command to use to send reports via SMTP. Sarg calls it like this:
                #         mail_utility -s "SARG report, date" "output_email" <"mail_content"
                #
                #      Therefore, it is possible to add more arguments to the command by specifying them
                #      here.
                #
                #      If you need too, you can use a shell script to process the content of /dev/stdin
                #      (/dev/stdin is the mail_content passed by Sarg to the script) and call whatever
                #      command you like. It is not limited to mailing the report via SMTP.
                #
                #      Don't forget to quote the command if necessary (i.e. if the path contains
                #      characters that must be quoted).
                #
                #mail_utility mailx
                
                # TAG: topsites_num n
                #      How many sites in topsites report.
                #
                #topsites_num 100
                
                # TAG: topsites_sort_order CONNECT|BYTES|TIME A|D
                #      Sort for topsites report, where A=Ascending, D=Descending
                #
                #topsites_sort_order CONNECT D
                
                # TAG: index_sort_order A/D
                #      Sort for index.html, where A=Ascending, D=Descending
                #
                #index_sort_order D
                
                # TAG: exclude_codes file
                #      Ignore records with these Squid return codes. Eg.: NONE/400
                #      Write one code per line. Lines starting with a # are ignored.
                #      Only codes matching exactly one of the line is rejected. The
                #      comparison is not case sensitive.
                #
                exclude_codes /usr/local/etc/sarg/exclude_codes
                
                # TAG: replace_index string
                #      Replace "index.html" in the main index file with this string
                #      If null, "index.html" is used
                #
                #replace_index <?php echo str_replace(".", "_", ); echo ".html"; ?>
                
                # TAG: max_elapsed milliseconds
                #      If elapsed time recorded in log is greater than max_elapsed, use 0 for elapsed time.
                #      Use 0 for no checking
                #
                #max_elapsed 28800000
                # 8 Hours
                max_elapsed 0
                
                # TAG: report_type type
                #      What kind of reports to generate.
                #      topusers            - users, sites, times, bytes, connects, links to accessed sites, etc.
                #      topsites            - site, connect and bytes report
                #      sites_users         - users and sites report
                #      users_sites         - accessed sites by the user report
                #      date_time           - bytes used per day and hour report
                #      denied              - denied sites with full URL report
                #      auth_failures       - autentication failures report
                #      site_user_time_date - sites, dates, times and bytes report
                #      downloads           - downloads per user report
                #
                #      Eg.: report_type topsites denied
                #
                #report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
                report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
                
                # TAG: usertab filename
                #      You can change the "userid" or the "IP address" to be a real user name on the reports.
                #      If resolve_ip is active, the IP address is resolved before being looked up in this
                #      file. That is, if you want to map the ip address, be sure to set resolve_ip to no or
                #      the resolved name will be looked up in the file instead of the IP address. Note that
                #      it can be used to resolve any IP address known to the DNS and then map the unresolved
                #      IP addresses to a name found in the usertab file.
                #      Table syntax:
                #               userid name   or   ip address name
                #      Eg:
                #               SirIsaac Isaac Newton
                #               vinci Leonardo da Vinci
                #               192.168.10.1 Karol Wojtyla
                #
                #      Each line must be terminated with '\ n'
                #      If usertab is set to value "ldap" (case ignored), user names
                #      will be taken from LDAP server. Use this method to obtain usernames
                #      LDAP / Active Directory.
                #
                #usertab none
                usertab none
                
                # TAG: LDAPHost hostname
                #       FQDN or IP address of host with LDAP service or AD DC
                #       default is '127.0.0.1'
                #LDAPHost 127.0.0.1
                
                
                # TAG: LDAPPort port
                #       LDAP service port number
                #       default is '389'
                #LDAPPort 389
                
                
                # TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
                #       DN of the LDAP user who is authorized to the search the LDAP database
                #       default is empty line
                #LDAPBindDN cn=proxy,dc=mydomain,dc=local
                
                
                # TAG: LDAPBindPW secret
                #       Password for LDAPBindDN specified above.
                #       default is empty line
                #LDAPBindPW secret
                
                
                # TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
                #       LDAP search base DN. The search base is the place in the hierarchical LDAP structure
                #       where the search for user accounts starts.
                #       default is empty line
                #LDAPBaseSearch ou=users,dc=mydomain,dc=local
                
                
                # TAG: LDAPFilterSearch (uid=%s)
                #       Use this to filter the user login entries to be returned for a search operation in LDAP.
                #       First founded record will be used
                #       %s - will be changed to userlogins from access.log file
                #       Search filter string can have up to 5 '%s' tags.
                #       default value is '(uid=%s)'
                #LDAPFilterSearch (uid=%s)
                
                
                # TAG: LDAPTargetAttr attributename
                #       Name of the attribute containing the login name of the user.
                #       default value is 'cn'
                #LDAPTargetAttr cn
                
                
                # TAG: long_url yes|no
                #      If yes, the full url is showed in report.
                #      If no, only the site will be showed
                #
                #      YES option generate very big sort files and reports.
                #
                long_url no
                
                # TAG: date_time_by bytes|elap
                #      Date/Time reports show the downloaded volume or the elapsed time or both.
                #
                #date_time_by bytes
                date_time_by bytes
                
                # TAG: charset name
                #      ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
                #      graphic character sets for writing in alphabetic languages
                #      You can use the following charsets:
                #               Latin1          - West European
                #               Latin2          - Central and East European
                #               Latin3          - Southeast European
                #               Latin4          - Scandinavian/Baltic
                #               Cyrillic
                #               Arabic
                #               Greek
                #               Hebrew
                #               Latin5          - Turkish
                #               Latin6          - Lappish/Nordic/Eskimo
                #               Windows-1251
                #               Japan
                #               Koi8-r
                #               UTF-8
                #
                #charset Latin1
                charset UTF-8
                
                # TAG: user_invalid_char "&/"
                #      Records that contain invalid characters in userid will be ignored by Sarg.
                #
                #user_invalid_char "&/"
                
                # TAG: privacy yes|no
                #      privacy_string "***.***.***.***"
                #      privacy_string_color blue
                #      In some countries the sysadm cannot see the visited sites by a restrictive law.
                #      Using privacy 'yes', the visited url will be changes by privacy_string and the link
                #      will be removed from reports.
                #
                privacy no
                #privacy_string "***.***.***.***"
                #privacy_string_color blue
                
                # TAG: include_users "user1:user2:...:usern"
                #      Reports will be generated only for listed users.
                #
                #include_users none
                
                
                # TAG: exclude_string "string1:string2:...:stringn"
                #      Records from access.log file that contain one of listed strings will be ignored.
                #
                #exclude_string none
                exclude_string "e2gerror.php:[inet"
                # TAG: show_successful_message yes|no
                #      Shows "Successful report generated on dir" at end of process.
                #
                #show_successful_message yes
                
                # TAG: show_read_statistics yes|no
                #      Shows some reading statistics.
                #
                #show_read_statistics yes
                
                # TAG: topuser_fields
                #      Which fields must be in Topuser report.
                #
                #topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
                
                # TAG: user_report_fields
                #      Which fields must be in User report.
                #
                #user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
                
                # TAG: bytes_in_sites_users_report yes|no
                #      Bytes field must be in Site & Users Report ?
                #
                #bytes_in_sites_users_report no
                bytes_in_sites_users_report no
                
                # TAG: topuser_num n
                #      How many users in topsites report. 0 = no limit
                #
                #topuser_num 0
                topuser_num 0
                
                # TAG: datafile file
                #      Save the report results in a file to populate some database
                #
                #datafile none
                
                # TAG: datafile_delimiter "     "
                #      ascii character to use as a field separator in datafile
                #
                #datafile_delimiter ""
                
                # TAG: datafile_fields all
                #      Which data fields must be in datafile
                #      user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
                #
                #datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
                
                
                # TAG: datafile_url ip|name
                #      Saves the URL as IP or name in datafile
                #
                #datafile_url ip
                
                # TAG: weekdays
                #      The weekdays to take into account ( Sunday->0, Saturday->6 )
                # Example:
                #weekdays 1-3,5
                # Default:
                #weekdays 0-6
                
                # TAG: hours
                #      The hours to take into account
                # Example:
                #hours 7-12,14,16,18-20
                # Default:
                #hours 0-23
                
                # TAG: dansguardian_conf file
                #      DansGuardian.conf file path
                #      Generate reports from DansGuardian logs.
                #      Use 'none' to disable it.
                #      dansguardian_conf /usr/dansguardian/dansguardian.conf
                #
                dansguardian_conf
                
                # TAG: dansguardian_filter_out_date on|off
                #      This option replaces dansguardian_ignore_date (its name was not appropriate with respect to its action).
                #      Note the change of parameter value compared to the old option.
                #      'off' use the record even if its date is outside of the range found in the input log file.
                #      'on'  use the record only if its date is in the range found in the input log file.
                #
                dansguardian_filter_out_date on
                
                # TAG: squidguard_conf file
                #      path to squidGuard.conf file
                #      Generate reports from SquidGuard logs.
                #      Use 'none' to disable.
                #      You can use sarg -L filename to use an alternate squidGuard log.
                #      squidguard_conf /usr/local/squidGuard/squidGuard.conf
                #
                squidguard_conf none
                
                # TAG: redirector_log file
                #      The location of the web proxy redirector log, such as one created by squidGuard or Rejik. The option
                #      may be repeated up to 64 times to read multiple files.
                #      If this option is specified, it takes precedence over squidguard_conf.
                #      The command line option -L override this option.
                #
                #redirector_log /usr/local/squidGuard/var/logs/urls.log
                
                # TAG: redirector_filter_out_date on|off
                #      This option replaces squidguard_ignore_date and redirector_ignore_date (their names were not
                #      appropriate with respect to their actions).
                #      Note the change of parameter value compared to the old options.
                #      'off' use the record even if its date is outside of the range found in the input log file.
                #      'on'  use the record only if its date is in the range found in the input log file.
                #
                #redirector_filter_out_date on
                
                # TAG: redirector_log_format
                #      Format string for web proxy redirector logs.
                #      This option was named squidguard_log_format before Sarg 2.3.
                #      REJIK       #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
                #      SQUIDGUARD  #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
                #redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
                
                # TAG: show_sarg_info yes|no
                #      shows Sarg information and site path on each report bottom
                #
                show_sarg_info no
                
                # TAG: show_sarg_logo yes|no
                #      shows Sarg logo
                #
                show_sarg_logo no
                
                # TAG: parsed_output_log directory
                #      Saves the processed log in a Sarg format after parsing the squid log file.
                #      This is a way to dump all of the data structures out, after parsing from
                #      the logs (presumably this data will be much smaller than the log files themselves),
                #      and pull them back in for later processing and merging with data from previous logs.
                #
                #parsed_output_log none
                
                # TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
                #      Command to run to compress sarg parsed output log. It may contain
                #      options (such as -f to overwrite existing target file). The name of
                #      the file to compresse is provided at the end of this
                #      command line. Don't forget to quote things appropriately.
                #
                #parsed_output_log_compress /bin/gzip
                
                # TAG: displayed_values bytes|abbreviation
                #      how the values will be displayed in reports.
                #      eg. bytes        -  209.526
                #          abbreviation -  210K
                #
                #displayed_values bytes
                displayed_values bytes
                
                # Report limits
                # TAG: authfail_report_limit n
                # TAG: denied_report_limit n
                # TAG: siteusers_report_limit n
                # TAG: squidguard_report_limit n
                # TAG: user_report_limit n
                # TAG: dansguardian_report_limit n
                # TAG: download_report_limit n
                #      report limits (lines).
                #      '0' no limit
                #
                #authfail_report_limit 10
                authfail_report_limit 0
                #denied_report_limit 10
                denied_report_limit 0
                #siteusers_report_limit 0
                #squidguard_report_limit 10
                #dansguardian_report_limit 10
                #user_report_limit 10
                #user_report_limit 50
                siteusers_report_limit 0
                user_report_limit 0
                dansguardian_report_limit 0
                
                
                # TAG: www_document_root dir
                #     Where is your Web DocumentRoot
                #     Sarg will create sarg-php directory with some PHP modules:
                #     - sarg-squidguard-block.php - add urls from user reports to squidGuard DB
                #
                #www_document_root /var/www/html
                www_document_root /usr/local/www
                
                # TAG: block_it module_url
                #     This tag allows you to pass urls from user reports to a cgi or php module,
                #     to be blocked by some Squid acl.
                #
                #     Eg.: block_it /sarg-php/sarg-block-it.php
                #     sarg-block-it is a php that will append a url to a flat file.
                #     You must change /var/www/html/sarg-php/sarg-block-it to point to your file
                #     in  variable, and chown to the httpd owner.
                #
                #     Sarg will pass http://module_url?url=url
                #
                #block_it none
                
                # TAG: external_css_file path
                #     Provide the path to an external CSS file to link into the HTML reports instead of
                #     the inline CSS written by sarg when this option is not set.
                #
                #     In versions prior to 2.3, this used to be an absolute file name to
                #     a file to include verbatim in each HTML page but, as it takes a lot of
                #     space, version 2.3 switched to a link to an external CSS file.
                #     Therefore, this option must contain the HTTP server path on which a client
                #     browser may find the CSS file.
                #
                #     Sarg use theses style classes:
                #       .logo           logo class
                #       .info           sarg information class, align=center
                #       .title_c        title class, align=center
                #       .header_c       header class, align:center
                #       .header_l       header class, align:left
                #       .header_r       header class, align:right
                #       .text           text class, align:right
                #       .data           table text class, align:right
                #       .data2          table text class, align:left
                #       .data3          table text class, align:center
                #       .link           link class
                #
                #     Sarg can be instructed to output the internal CSS it inline
                #     into the reports with this command:
                #
                #        sarg --css
                #
                #     You can redirect the output to a file of your choice and edit
                #     it to your liking.
                #
                #external_css_file none
                # TAG: user_authentication yes|no
                #     Allow user authentication in User Reports using .htaccess
                #     Parameters:
                #       AuthUserTemplateFile - The template to use to create the
                #     .htaccess file. In the template, %u is replaced by the
                #     user's ID for which the report is generated. The path of the
                #     template is relative to the directory containing sarg
                #     configuration file.
                #
                # user_authentication no
                # AuthUserTemplateFile sarg_htaccess
                
                # TAG: download_suffix "suffix,suffix,...,suffix"
                #    file suffix to be considered as "download" in Download report.
                #    Use 'none' to disable.
                #
                #download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
                
                # TAG: ulimit n
                #    The maximum number of open file descriptors to avoid "Too many open files" error message.
                #    You need to run Sarg as root to use ulimit tag.
                #    If you run Sarg with a low privilege user, set to 'none' to disable ulimit
                #
                #ulimit 20000
                
                # TAG: ntlm_user_format username|domainname+username
                #      NTLM users format.
                #
                #ntlm_user_format domainname+username
                ntlm_user_format domainname+username
                
                # TAG: realtime_refresh_time num sec
                #      How many seconds between auto refresh of the realtime report.
                #      0 = disable
                #
                realtime_refresh_time 0
                
                # TAG: realtime_access_log_lines num
                #      How many last lines to get from access.log file
                #
                # realtime_access_log_lines 1000
                
                # TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST
                #      Which records must be in realtime report.
                #
                realtime_types GET,PUT,CONNECT
                
                # TAG: realtime_unauthenticated_records: ignore|show
                #      What to do with unauthenticated records in realtime report.
                #
                #
                realtime_unauthenticated_records show
                
                # TAG: byte_cost value no_cost_limit
                #      Cost per byte.
                #      Eg. byte_cost 0.01 100000000
                #           per byte cost      = 0.01
                #           bytes with no cost = 100 Mb
                #      0 = disable
                #
                # byte_cost 0.01 50000000
                
                # TAG: squid24 on|off
                #      Compatilibity with squid version <= 2.4 when using emulate_http_log on
                #
                # squid24 off
                
                # TAG: sorttable path
                #      The path to a javascript script to dynamically sort the tables.
                #      The path is the link a browser must follow to find the script. For instance,
                #      it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script
                #      is at the root of your web site.
                #
                #      If the path starts with "../" then it is assumed to be a relative
                #      path and Sarg adds as many "../" as necessary to locate the js script from
                #      the output directory. Therefore, ../../sorttable.js links to the javascript
                #      one level above output_dir.
                #
                #      If this entry is set, each sortable table will have the "sortable" class set.
                #      You may have a look at http://www.kryogenix.org/code/browser/sorttable/
                #      for the implementation on which Sarg is based.
                #
                sorttable /sarg_sorttable.js
                
                # TAG: hostalias
                #      The name of a text file containing the host names (one per line) and the
                #      optional alias to use in the report instead of that host name.
                #      Host names may contain up to one wildcard denoted by a *. The wildcard
                #      must not be at the end of the host name.
                #      The host name may be followed by an optional alias; if no alias is provided,
                #      the host name, including the wildcard, replaces any matching host name found
                #      in the log.
                #      Host names replaced by identical aliases are grouped together in the
                #      reports.
                #      IP addresses are supported and accept the CIDR notation both for IPv4 and
                #      IPv6 addresses.
                #
                #      Example:
                #      *.gstatic.com
                #      mt*.google.com
                #      *.myphone.microsoft.com
                #      *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure
                #      *.freeav.net antivirus:freeav
                #      *.mail.live.com
                #      65.52.00.00/14 *.mail.live.com
                
                1 Reply Last reply Reply Quote 0
                • G
                  ghislenidroid
                  last edited by ghislenidroid

                  @marcelloc executei o comando na shell e obtive o retorno

                  code
                  root: sarg -d `date -v-1w +%d/%m/%Y`-`date -v-1d +%d/%m/%Y`
                  SARG: Loop detected in getword after 256 bytes.
                  SARG: Line="1528476366.447    162 192.168.oa er TCP_MISS/204 0 GET"
                  SARG: Record="https://g.bing.com/uac/request?size=300x600;noperf=1;adclntid=1002;alias=SKYBRPT9;kvmsft_ext_inv_cd=br;kvmsft_muid=34c7d87a37d36b3b228dd3b733d36807;kvmsft_optout=1;kvmsft_sdkversion=8.9;kvpg=%2Fstatic.skypeassets%2Fadserver%2Fadloader-v2.html;kvugc=0;kvrefd=apps.skype.com;kvmn=SKYBRPT9;kvgrp=476601497;kvismob=2;extmirroring=0;kvtile=1;target=_blank;aduho=-180;grp=476601497 - DEFAULT_PARENT/ -"
                  SARG: searching for 'x20'
                  SARG: Invalid user ID in file "/var/log/e2guardian/access.log"
                  
                  
                  

                  Pelo que pude ver, parece que é alguma ACL que mexi e não está sendo carregada corretamente pro relatório.

                  Edit:

                  Editei o access.log e retirei a linha que estava apresentando erro, observei então que trouxe

                  
                  https://advergine.com/stat?&h=www.maxmilhas.com.br&t=0.9895906489163713
                  https://ch1-client-s.gateway.messenger.live.com
                  licitacoes/favorites.json
                  web/public/boletins/1172455570/followups/1417001659.json
                  [in.168.1.120 -- Esse eu corrigi na unha 
                  

                  Depois rodei novamente o comando para gerar os relatórios da última semana.
                  Consegui criar o relatório, vou criar agora o agendamento para ser diário e atualizado a cada 30 minutos.

                  A dúvida agora, é saber como e porque carregou os dados/sites que citei acima.

                  1 Reply Last reply Reply Quote 0
                  • G
                    ghislenidroid
                    last edited by

                    Acompanhei o processo de atualização do SARG a cada 30 min e aparentemente está td ok.

                    1 Reply Last reply Reply Quote 0
                    • J
                      jdsonc
                      last edited by

                      Meu Sarg esta lendo os logs normalmente por enquanto, mas no SYSTEM LOGS do Pfsense ainda está gerando o erro a seguir.

                      nginx: 2018/06/14 13:47:05 [error] 46335#100130: *2872 open() "/usr/local/www/sarg_sorttable.js" failed (2: No such file or directory), client: 192.168.0.69, server: , request: "GET /sarg_sorttable.js HTTP/1.1", host: "192.168.0.1", referrer: "http://192.168.0.1/sarg_frame.php?prevent=446666891557765600?"

                      Q estranho....

                      1 Reply Last reply Reply Quote 0
                      • clebermedinaC
                        clebermedina
                        last edited by

                        Meu sarg esta funcionando perfeitamente, o unico porem e q ele parou de resolver os IP nos relatorio,

                        Mesmo no terminal quando roda sarg -n ele gera o relatorio com ips somente, alguem tem ideia de como resolver?

                        Obrigado

                        1 Reply Last reply Reply Quote 0
                        • marcellocM
                          marcelloc
                          last edited by

                          Mudou alguma opção de configuração?

                          Treinamentos de Elite: http://sys-squad.com

                          Help a community developer! ;D

                          clebermedinaC 1 Reply Last reply Reply Quote 0
                          • clebermedinaC
                            clebermedina @marcelloc
                            last edited by

                            @marcelloc não, eu so habilitei o pfblocker

                            1 Reply Last reply Reply Quote 0
                            • clebermedinaC
                              clebermedina
                              last edited by

                              quando pingo uma estação tipo estacao1.dominio no shell do pfsense ele resolve certo.

                              marcellocM 1 Reply Last reply Reply Quote 0
                              • marcellocM
                                marcelloc @clebermedina
                                last edited by

                                @clebermedina , Roda o sarg na console, ve se ele acusa algum erro ou dificuldade.

                                Treinamentos de Elite: http://sys-squad.com

                                Help a community developer! ;D

                                clebermedinaC 1 Reply Last reply Reply Quote 0
                                • clebermedinaC
                                  clebermedina @marcelloc
                                  last edited by marcelloc

                                  @marcelloc nenhuma pelo visto

                                  sarg -xn
                                  SARG: Init
                                  SARG: Loading configuration from /usr/local/etc/sarg/sarg.conf
                                  SARG: Chaining IP resolving module "dns"
                                  SARG: Chaining IP resolving module "dns"
                                  SARG: Loading exclude host file from: /usr/local/etc/sarg/exclude_hosts.conf
                                  SARG: Loading exclude file from: /usr/local/etc/sarg/exclude_users.conf
                                  SARG: Reading host alias file "/usr/local/etc/sarg/hostalias"
                                  SARG: List of host names to alias:
                                  SARG: Parameters:
                                  SARG:           Hostname or IP address (-a) =
                                  SARG:                    Useragent log (-b) =
                                  SARG:                     Exclude file (-c) = /usr/local/etc/sarg/exclude_hosts.conf
                                  SARG:                  Date from-until (-d) =
                                  SARG:    Email address to send reports (-e) =
                                  SARG:                      Config file (-f) = /usr/local/etc/sarg/sarg.conf
                                  SARG:                      Date format (-g) = Europe (dd/mm/yyyy)
                                  SARG:                        IP report (-i) = No
                                  SARG:             Keep temporary files (-k) = No
                                  SARG:                        Input log (-l) = /var/log/e2guardian/access.log
                                  SARG:               Resolve IP Address (-n) = Yes
                                  SARG:                       Output dir (-o) = /usr/local/sarg-reports/
                                  SARG: Use Ip Address instead of userid (-p) = No
                                  SARG:                    Accessed site (-s) =
                                  SARG:                             Time (-t) =
                                  SARG:                             User (-u) =
                                  SARG:                    Temporary dir (-w) = /tmp/sarg
                                  SARG:                   Debug messages (-x) = Yes
                                  SARG:                 Process messages (-z) = No
                                  SARG:  Previous reports to keep (--lastlog) = 0
                                  SARG:
                                  SARG: SARG version: 2.3.10 Apr-12-2015
                                  SARG: Reading access log file: /var/log/e2guardian/access.log
                                  SARG: Records in file: 27997, reading: 100.00%
                                  SARG:    Records read: 27997, written: 27997, excluded: 0
                                  SARG: Squid log format
                                  SARG: Period: 14 Jun 2018
                                  SARG: File "/usr/local/sarg-reports/14Jun2018-14Jun2018" already exists, moved to "/usr/local/                                                                                                                                               sarg-reports/14Jun2018-14Jun2018.2"
                                  SARG: Sorting log /tmp/sarg/192_168_10_137.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_137
                                  SARG: Sorting log /tmp/sarg/192_168_10_109.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_109
                                  SARG: Sorting log /tmp/sarg/192_168_10_121.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_121
                                  SARG: Sorting log /tmp/sarg/192_168_10_115.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_115
                                  SARG: Sorting log /tmp/sarg/192_168_10_106.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_106
                                  SARG: Sorting log /tmp/sarg/192_168_10_118.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_118
                                  SARG: Sorting log /tmp/sarg/192_168_10_138.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_138
                                  SARG: Sorting log /tmp/sarg/192_168_10_108.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_108
                                  SARG: Sorting log /tmp/sarg/192_168_10_125.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_125
                                  SARG: Sorting log /tmp/sarg/192_168_10_112.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_112
                                  SARG: Sorting log /tmp/sarg/192_168_10_116.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_116
                                  SARG: Sorting log /tmp/sarg/192_168_10_128.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_128
                                  SARG: Sorting log /tmp/sarg/192_168_10_117.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_117
                                  SARG: Sorting log /tmp/sarg/192_168_10_134.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_134
                                  SARG: Sorting log /tmp/sarg/192_168_10_147.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_147
                                  SARG: Sorting log /tmp/sarg/192_168_10_110.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_110
                                  SARG: Sorting log /tmp/sarg/192_168_10_126.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_126
                                  SARG: Sorting log /tmp/sarg/192_168_10_141.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_141
                                  SARG: Sorting log /tmp/sarg/192_168_10_107.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_107
                                  SARG: Sorting log /tmp/sarg/192_168_10_113.user_unsort
                                  SARG: Making file /tmp/sarg/192_168_10_113
                                  SARG: Using the dansguardian log file "/var/log/e2guardian/access.log" found in your configura                                                                                                                                               tion file "/usr/local/etc/e2guardian/e2guardian.conf"
                                  SARG: Reading DansGuardian log file "/var/log/e2guardian/access.log"
                                  SARG: Sorting file "/tmp/sarg/dansguardian.int_log"
                                  SARG: Sorting file "/tmp/sarg/192_168_10_137.utmp"
                                  SARG: Making report 192.168.10.137
                                  SARG: Sorting file "/tmp/sarg/192_168_10_109.utmp"
                                  SARG: Making report 192.168.10.109
                                  SARG: Sorting file "/tmp/sarg/192_168_10_121.utmp"
                                  SARG: Making report 192.168.10.121
                                  SARG: Sorting file "/tmp/sarg/192_168_10_115.utmp"
                                  SARG: Making report 192.168.10.115
                                  SARG: Sorting file "/tmp/sarg/192_168_10_106.utmp"
                                  SARG: Making report 192.168.10.106
                                  SARG: Sorting file "/tmp/sarg/192_168_10_118.utmp"
                                  SARG: Making report 192.168.10.118
                                  SARG: Sorting file "/tmp/sarg/192_168_10_138.utmp"
                                  SARG: Making report 192.168.10.138
                                  SARG: Sorting file "/tmp/sarg/192_168_10_108.utmp"
                                  SARG: Making report 192.168.10.108
                                  SARG: Sorting file "/tmp/sarg/192_168_10_125.utmp"
                                  SARG: Making report 192.168.10.125
                                  SARG: Sorting file "/tmp/sarg/192_168_10_112.utmp"
                                  SARG: Making report 192.168.10.112
                                  SARG: Sorting file "/tmp/sarg/192_168_10_116.utmp"
                                  SARG: Making report 192.168.10.116
                                  SARG: Sorting file "/tmp/sarg/192_168_10_128.utmp"
                                  SARG: Making report 192.168.10.128
                                  SARG: Sorting file "/tmp/sarg/192_168_10_117.utmp"
                                  SARG: Making report 192.168.10.117
                                  SARG: Sorting file "/tmp/sarg/192_168_10_134.utmp"
                                  SARG: Making report 192.168.10.134
                                  SARG: Sorting file "/tmp/sarg/192_168_10_147.utmp"
                                  SARG: Making report 192.168.10.147
                                  SARG: Sorting file "/tmp/sarg/192_168_10_110.utmp"
                                  SARG: Making report 192.168.10.110
                                  SARG: Sorting file "/tmp/sarg/192_168_10_126.utmp"
                                  SARG: Making report 192.168.10.126
                                  SARG: Sorting file "/tmp/sarg/192_168_10_141.utmp"
                                  SARG: Making report 192.168.10.141
                                  SARG: Sorting file "/tmp/sarg/192_168_10_107.utmp"
                                  SARG: Making report 192.168.10.107
                                  SARG: Sorting file "/tmp/sarg/192_168_10_113.utmp"
                                  SARG: Making report 192.168.10.113
                                  SARG: Making index.html
                                  SARG: Successful report generated on /usr/local/sarg-reports/14Jun2018-14Jun2018
                                  SARG: Purging temporary file sarg-general
                                  SARG: End
                                  
                                  1 Reply Last reply Reply Quote 0
                                  • marcellocM
                                    marcelloc
                                    last edited by marcelloc

                                    Se está gerando mais de uma vez por dia, marca a opção overwrite report. Isso vai gerar um único relatório do dia que vai "se completando" com o passar das horas.

                                    a opção que resolve o nome das estações é Convert IP address to DNS name, ela está marcada?

                                    Treinamentos de Elite: http://sys-squad.com

                                    Help a community developer! ;D

                                    1 Reply Last reply Reply Quote 0
                                    • clebermedinaC
                                      clebermedina
                                      last edited by

                                      Entao @marcelloc, eu entendo o funcionamento, a overwrite esta disabilitada para eu comparar os resultados nos testes

                                      A opção Convert IP address to DNS name esta habilitada tambem.

                                      O interessante e que parou de resolver do nada.

                                      1 Reply Last reply Reply Quote 0
                                      • J
                                        jdsonc
                                        last edited by jdsonc

                                        Meu sarg so atualiza os relatorios quando rodo o comando ...
                                        sarg -nx no terminal, não esta atualizando com o schedule no cron.
                                        Ja removi o pacote, ja reinstalei, removi todos os logs, exclui todos os diretorios do sarg e o mesmo problema continua.
                                        Alguem tem ideia do que possa ser?

                                        1 Reply Last reply Reply Quote 0
                                        • G
                                          gahgon
                                          last edited by

                                          Boa noite , realizei a instalação do e2g + sarg , e ocorre que não abre o relatório, segui os passos do topico e posto o conteudo do comando sarg-x via ssh
                                          0_1529152869184_erro_logs.jpg

                                          1 Reply Last reply Reply Quote 0
                                          • marcellocM
                                            marcelloc
                                            last edited by

                                            Roda o comando que esta agendado no cron e qual é a saída dele.

                                            Treinamentos de Elite: http://sys-squad.com

                                            Help a community developer! ;D

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.