Sarg package for pfsense
-
file permission. but I'm not getting it here. I have some sarg boxes and all are working fine.
What pfsense version are you using? nanobsd?
-
2.0.1-RELEASE (i386)
built on Mon Dec 12 17:53:52 EST 2011
FreeBSD 8.1-RELEASE-p6If it's file permissions, this must be something that Squid changed when I installed squid3? And changing back to squid1 has not altered it?
What file permission would be incorrect?
Thanks.
-
I had a strange issue today after installing squid3 and then sarg (on a new pfsense install) and then uninstalling squid3 then installing squid.
I could not access the reports…complained about missing index.html.
After putting some debug text into the sarg php, I noticed the /usr/local/sarg-reports/index.html was missing and not being created.
To force it to be created, I had to manually select (highlight) "Generate the main index.html (yes)" in Sarg Settings: General Tab: Report Settings/Report Options. Even though is should default to be on(yes).
Then running the schedule (force update) created the main index file and it all worked :)
Not sure what happened there!
-
To force it to be created, I had to manually select (highlight) "Generate the main index.html (yes)" in Sarg Settings: General Tab: Report Settings/Report Options. Even though is should default to be on(yes).
You must select options to enable, that's what field description says.
-
Hi. My index is displaying, but just not for dates since I swapped to Squid 3 and back to Squid.
Where would I find the files to check the permissions on?
Thanks.
-
To force it to be created, I had to manually select (highlight) "Generate the main index.html (yes)" in Sarg Settings: General Tab: Report Settings/Report Options. Even though is should default to be on(yes).
You must select options to enable, that's what field description says.
Thanks for clarifying that.
I think it could be better worded…as it also says default values are in (). I interpret that as these are the Default values. ie. if you do not select anything, it will default to these values....as in Option 2 from the Oxford dictionary:
noun
Pronunciation: /dɪˈfɔːlt, ˈdiːfɔːlt/
1 [mass noun] failure to fulfil an obligation, especially to repay a loan or appear in a law court:
the company will have to restructure its debts to avoid default
[count noun]:
the deteriorating economy pushed defaults to almost $20 billion
2 [in singular] a preselected option adopted by a computer program or other mechanism when no alternative is specified by the user or programmer: -
The next line explains it.
"If you select any option, it will be enabled on conf file."
-
I say this with all due respect and appreciation for making this package available….
I am simply providing user feedback that the wording is unclear and confusing - and does not align with the common usage of the term default nor common UI design practices.
It is your package so feel free to ignore this feedback.
-
Thanks for your feedback
I'll include a longer description to be more clear.
something like
If you select a option, it will be enabled on conf file.
If you do not select a option, it will be disabled on config file.
the () only shows default config values but it does not mean that not selecting it will be enable by default. -
Sounds good.
Thanks for doing that…hopefully will make it easier for newbies to pfsense like me.
-
Hey, i am a newbie i just installed pfsense 2 days ago… i want to install sarg so that i can log all the sites and downloads that are performed by the users. I was unable to find any guide or anything to proceed. Can someone please help me? :) :)
-
Hey, i am a newbie i just installed pfsense 2 days ago… i want to install sarg so that i can log all the sites and downloads that are performed by the users. I was unable to find any guide or anything to proceed. Can someone please help me? :) :)
SARG does not log anything. SARG just analyzes and visualizes the logs of programs like squid, squidguard and dansguardian.
So before using SARG you should be familar with using a proxy like squid and which sites can be logged and which not or just with some additional configuration.So please first make sure you read the other threads here in the forum about squid, squidguard or dansguardian and if this is working then please explain more in detail what you want to do with sarg and what does not work with your configuration so that we can help.
Good luck!
-
Hi,
I seem to have an issue generating reports from dansguardian using Sarg. I have followed various troubleshooting threads which have not helped fix my problem.
Issue:
Status>Sarg Reports>View Report
Error: Could not find report index file.
Check and save sarg settings and try to force sarg schedule.System/package details:
PFsense 2.1-RELEASE (amd64) FreeBSD 8.3-RELEASE-p11
Dansguardian: 2.12.0.3 pkg v.0.1.8
squid3-dev: 3.3.10 pkg 2.2
Sarg: 2.3.6_2 pkg v.0.6.3
I can see files, including index.html.gz under ']/usr/local/sarg-reports/2013/12/30'
Realtime view in Sarg works ok.
What can I try to troubleshoot this further?
Thanks.
-
Did you enable logging on squid and/or dansguardian?
Did you create a shedule on sarg?
Only enable logrotation on sarg and not on squid.Depending on what reports sarg should create and how big the log files are it could take some time to generate a report.
-
Seems as if it was a time thing. After making no changes and just checking the reporting now, it is working.
-
Seems as if it was a time thing. After making no changes and just checking the reporting now, it is working.
I did have this sometimes when creating a shedule for the first time. Doing a force update now does not work or it seems as it does not but later everything is running.
-
I have installed squid(logging enabled) and i have set transparent mode off(if i switch it on i cannot access most of the websites)
after that if i try sarg, in report: it doesnt show anything(it says you have not configured….) and if i go in realtime and check then it shows only 1 entry of txt/...i have tried to install this soo many times earlier once it showed websites in realtime but only once upon a time that too of only 15 minutes(approx.)
Please help...
I am a newbie
-
Getting the same message:
rror: Could not find report index file.
Check and save sarg settings and try to force sarg schedule.But I can see the index.html file and other related files in /usr/local/sarg-reports/2014Jun04-2014Jun05
So…I simply copied the index.html up one level and into /usr/local/sarg-reports
the .conf file has the output_dir set to /usr/local/sarg-reports
But...how does this work if files are being placed in these dated sub directories??This seems to have fixed things.
Bug? A configuration setting I need to change somewhere?[EDIT]
Fiddled around with some settings and now it's apparently working?
I'm wondering if disabling the logging function and then re-enabling did something? -
Hi Gurus
After following the recommendation that I was learning in this page:
I copy the "index.html" from /usr/local/sarg-reports/2014/06/30/ to /usr/local/sarg-reports/
But I Can not obtain any value:Review in the log file, I observed
![](http://Log Sarg.jpg)Any suggestion why I can not obtain any report:
In the real Time report I can observe the pages that my customer access:
Any suggestion
![Log Sarg.jpg](/public/imported_attachments/1/Log Sarg.jpg)
![Log Sarg.jpg_thumb](/public/imported_attachments/1/Log Sarg.jpg_thumb)
-
Gurus
After running this command:[2.1.3-RELEASE][admin@firewall.hejcu.gob.pe]/root(4): sarg -x
SARG: Init
SARG: Loading configuration from /usr/pbi/sarg-i386/etc/sarg/sarg.conf
SARG: Chaining IP resolving module "dns"
SARG: Loading exclude host file from: /usr/pbi/sarg-i386/etc/sarg/exclude_hosts.conf
SARG: Loading exclude file from: /usr/pbi/sarg-i386/etc/sarg/exclude_users.conf
SARG: Reading host alias file "/usr/pbi/sarg-i386/etc/sarg/hostalias"
SARG: List of host names to alias:
SARG: Deleting temporary directory "/tmp/sarg"
SARG: Parameters:
SARG: Hostname or IP address (-a) =
SARG: Useragent log (-b) =
SARG: Exclude file (-c) = /usr/pbi/sarg-i386/etc/sarg/exclude_hosts.conf
SARG: Date from-until (-d) =
SARG: Email address to send reports (-e) =
SARG: Config file (-f) = /usr/pbi/sarg-i386/etc/sarg/sarg.conf
SARG: Date format (-g) = USA (mm/dd/yyyy)
SARG: IP report (-i) = No
SARG: Keep temporary files (-k) = No
SARG: Input log (-l) = /var/squid/logs/access.log
SARG: Resolve IP Address (-n) = Yes
SARG: Output dir (-o) = /usr/local/sarg-reports/
SARG: Use Ip Address instead of userid (-p) = No
SARG: Accessed site (-s) =
SARG: Time (-t) =
SARG: User (-u) =
SARG: Temporary dir (-w) = /tmp/sarg
SARG: Debug messages (-x) = Yes
SARG: Process messages (-z) = No
SARG: Previous reports to keep (–lastlog) = 0
SARG:
SARG: sarg version: 2.3.6 Arp-21-2013
SARG: Reading access log file: /var/squid/logs/access.log
SARG: Records in file: 970, reading: 100.00%
SARG: Records read: 970, written: 970, excluded: 0
SARG: Squid log format
SARG: Period: 2014 Jun 30
SARG: Sorting log /tmp/sarg/192_168_1_49.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_10.user_unsort
SARG: Sorting log /tmp/sarg/user2.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_71.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_9.user_unsort
SARG: (repday) Cannot open log file /usr/local/sarg-reports/2014/06/30/192_168_1_49/d192_168_1_49.html[2.1.3-RELEASE][admin@firewall.x.x.x.x]/root(1): sarg -x
SARG: Init
SARG: Loading configuration from /usr/pbi/sarg-i386/etc/sarg/sarg.conf
SARG: Chaining IP resolving module "dns"
SARG: Loading exclude host file from: /usr/pbi/sarg-i386/etc/sarg/exclude_hosts.conf
SARG: Loading exclude file from: /usr/pbi/sarg-i386/etc/sarg/exclude_users.conf
SARG: Reading host alias file "/usr/pbi/sarg-i386/etc/sarg/hostalias"
SARG: List of host names to alias:
SARG: Deleting temporary directory "/tmp/sarg"
SARG: Parameters:
SARG: Hostname or IP address (-a) =
SARG: Useragent log (-b) =
SARG: Exclude file (-c) = /usr/pbi/sarg-i386/etc/sarg/exclude_hosts.conf
SARG: Date from-until (-d) =
SARG: Email address to send reports (-e) =
SARG: Config file (-f) = /usr/pbi/sarg-i386/etc/sarg/sarg.conf
SARG: Date format (-g) = USA (mm/dd/yyyy)
SARG: IP report (-i) = No
SARG: Keep temporary files (-k) = No
SARG: Input log (-l) = /var/squid/logs/access.log
SARG: Resolve IP Address (-n) = Yes
SARG: Output dir (-o) = /usr/local/sarg-reports/
SARG: Use Ip Address instead of userid (-p) = No
SARG: Accessed site (-s) =
SARG: Time (-t) =
SARG: User (-u) =
SARG: Temporary dir (-w) = /tmp/sarg
SARG: Debug messages (-x) = Yes
SARG: Process messages (-z) = No
SARG: Previous reports to keep (–lastlog) = 0
SARG:
SARG: sarg version: 2.3.6 Arp-21-2013
SARG: Reading access log file: /var/squid/logs/access.log
SARG: Records in file: 970, reading: 100.00%
SARG: Records read: 970, written: 970, excluded: 0
SARG: Squid log format
SARG: Period: 2014 Jun 30
SARG: Sorting log /tmp/sarg/192_168_1_49.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_10.user_unsort
SARG: Sorting log /tmp/sarg/user2.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_71.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_9.user_unsort
SARG: (repday) Cannot open log file /usr/local/sarg-reports/2014/06/30/192_168_1_49/d192_168_1_49.html[2.1.3-RELEASE][admin@firewall.x.x.x.x]/root(4): sarg -x
SARG: Init
SARG: Loading configuration from /usr/pbi/sarg-i386/etc/sarg/sarg.conf
SARG: Chaining IP resolving module "dns"
SARG: Loading exclude host file from: /usr/pbi/sarg-i386/etc/sarg/exclude_hosts.conf
SARG: Loading exclude file from: /usr/pbi/sarg-i386/etc/sarg/exclude_users.conf
SARG: Reading host alias file "/usr/pbi/sarg-i386/etc/sarg/hostalias"
SARG: List of host names to alias:
SARG: Deleting temporary directory "/tmp/sarg"
SARG: Parameters:
SARG: Hostname or IP address (-a) =
SARG: Useragent log (-b) =
SARG: Exclude file (-c) = /usr/pbi/sarg-i386/etc/sarg/exclude_hosts.conf
SARG: Date from-until (-d) =
SARG: Email address to send reports (-e) =
SARG: Config file (-f) = /usr/pbi/sarg-i386/etc/sarg/sarg.conf
SARG: Date format (-g) = USA (mm/dd/yyyy)
SARG: IP report (-i) = No
SARG: Keep temporary files (-k) = No
SARG: Input log (-l) = /var/squid/logs/access.log
SARG: Resolve IP Address (-n) = Yes
SARG: Output dir (-o) = /usr/local/sarg-reports/
SARG: Use Ip Address instead of userid (-p) = No
SARG: Accessed site (-s) =
SARG: Time (-t) =
SARG: User (-u) =
SARG: Temporary dir (-w) = /tmp/sarg
SARG: Debug messages (-x) = Yes
SARG: Process messages (-z) = No
SARG: Previous reports to keep (–lastlog) = 0
SARG:
SARG: sarg version: 2.3.6 Arp-21-2013
SARG: Reading access log file: /var/squid/logs/access.log
SARG: Records in file: 970, reading: 100.00%
SARG: Records read: 970, written: 970, excluded: 0
SARG: Squid log format
SARG: Period: 2014 Jun 30
SARG: Sorting log /tmp/sarg/192_168_1_49.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_10.user_unsort
SARG: Sorting log /tmp/sarg/user2.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_71.user_unsort
SARG: Sorting log /tmp/sarg/192_168_1_9.user_unsort
SARG: (repday) Cannot open log file /usr/local/sarg-reports/2014/06/30/192_168_1_49/d192_168_1_49.html
[2.1.3-RELEASE][admin@firewall.x.x.x.x]/root(6): cat /usr/pbi/sarg-i386/etc/sarg/sarg.conf | moresarg.conf
TAG: access_log file
# Where is the access.log
# sarg -l fileaccess_log /var/squid/logs/access.log
TAG: graphs yes|no
# Use graphics where is possible.
# graph_days_bytes_bar_color blue|green|yellow|orange|brown|redgraphs yes
#graph_days_bytes_bar_color orangeTAG: graph_font
# The full path to the TTF font file to use to create the graphs. It is required
# if graphs is set to yes.#graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
TAG: title
# Especify the title for html page.
#title "Squid User Access Reports"
TAG: font_face
# Especify the font for html page.
#font_face Tahoma,Verdana,Arial
TAG: header_color
# Especify the header color
#header_color darkblue
TAG: header_bgcolor
# Especify the header bgcolor
#header_bgcolor blanchedalmond
TAG: font_size
# Especify the text font size
#font_size 9px
TAG: header_font_size
# Especify the header font size
#header_font_size 9px
TAG: title_font_size
# Especify the title font size
#title_font_size 11px
TAG: background_color
TAG: background_color
# Html page background color
background_color white
TAG: text_color
# Html page text color
#text_color #000000
TAG: text_bgcolor
# Html page text background color
#text_bgcolor lavender
TAG: title_color
# Html page title color
#title_color green
TAG: logo_image
# Html page logo.
#logo_image none
TAG: logo_text
# Html page logo text.
#logo_text ""
TAG: logo_text_color
# Html page logo texti color.
#logo_text_color #000000
TAG: logo_image_size
# Html page logo image size.
# width height#image_size 80 45
TAG: background_image
# Html page background image
#background_image none
TAG: password
# User password file used by Squid authentication scheme
# If used, generate reports just for that users.#password none
TAG: temporary_dir
# Temporary directory name for work files
# sarg -w dir#temporary_dir /tmp
TAG: output_dir
# The reports will be saved in that directory
# sarg -o diroutput_dir /usr/local/sarg-reports
TAG: anonymous_output_files yes/no
# Use anonymous file and directory names in the report. If it is set to
# no (the default), the user id/ip/name is slightly mangled to create a
# suitable file name to store the report of the user but the user's
# identity can easily be guessed from the mangled name. If this option is
# set, any file or directory belonging to the user is replaced by a short
# number. The purpose is to hide the identity of the user when looking
# at the report file names but it may serve to shorten the path too.anonymous_output_files no
TAG: output_email
# Email address to send the reports. If you use this tag, no html reports will be generated.
# sarg -e email#output_email none
TAG: resolve_ip yes/no
# Convert ip address to dns name
# sarg -n
resolve_ip yesTAG: user_ip yes/no
# Use Ip Address instead userid in reports.
# sarg -p
user_ip noTAG: topuser_sort_field field normal/reverse
# Sort field for the Topuser Report.
# Allowed fields: USER CONNECT BYTES TIMEtopuser_sort_field TIME normal
TAG: user_sort_field field normal/reverse
# Sort field for the User Report.
# Allowed fields: SITE CONNECT BYTES TIMEuser_sort_field TIME normal
TAG: exclude_users file
# users within the file will be excluded from reports.
# you can use indexonly to have only index.html file.exclude_users /usr/pbi/sarg-i386/etc/sarg/exclude_users.conf
TAG: exclude_hosts file
# Hosts, domains or subnets will be excluded from reports.
# Eg.: 192.168.10.10 - exclude ip address only
# 192.168.10.0/24 - exclude full C class
# s1.acme.foo - exclude hostname only
# *.acme.foo - exclude full domain nameexclude_hosts /usr/pbi/sarg-i386/etc/sarg/exclude_hosts.conf
TAG: useragent_log file
# useragent.log file patch to generate useragent report.
#useragent_log none
TAG: date_format
# Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww)
#date_format u
date_format uTAG: per_user_limit file MB
# Saves userid on file if download exceed n MB.
# This option allow you to disable user access if user exceed a download limit.#per_user_limit none
TAG: lastlog n
# How many reports files must be kept in reports directory.
# The oldest report file will be automatically removed.
# 0 - no limit.#lastlog 0
lastlog 0TAG: remove_temp_files yes
# Remove temporary files: geral, usuarios, top, periodo from root report directory.
remove_temp_files yes
TAG: index yes|no|only
# Generate the main index.html.
# only - generate only the main index.htmlindex yes
TAG: index_tree date|file
# How to generate the index.
index_tree date
TAG: index_fields
# The columns to show in the index of the reports
# Columns are: dirsize#index_fields dirsize
TAG: overwrite_report yes|no
# yes - if report date already exist then will be overwrited.
# no - if report date already exist then will be renamed to filename.n, filename.n+1overwrite_report yes
TAG: records_without_userid ignore|ip|everybody
# What can I do with records without user id (no authentication) in access.log file ?
# ignore - This record will be ignored.
# ip - Use ip address instead. (default)
# everybody - Use "everybody" instead.#records_without_userid ip
TAG: use_comma no|yes
# Use comma instead point in reports.
# Eg.: use_comma yes => 23,450,110
# use_comma no => 23.450.110use_comma yes
TAG: mail_utility
# Mail command to use to send reports via SMTP. Sarg calls it like this:
# mail_utility -s "SARG report, date" "output_email" <"mail_content"# Therefore, it is possible to add more arguments to the command by specifying them
# here.# If you need too, you can use a shell script to process the content of /dev/stdin
# (/dev/stdin is the mail_content passed by sarg to the script) and call whatever
# command you like. It is not limited to mailing the report via SMTP.# Don't forget to quote the command if necessary (i.e. if the path contains
# characters that must be quoted).#mail_utility mailx
TAG: topsites_num n
# How many sites in topsites report.
#topsites_num 100
TAG: topsites_sort_order CONNECT|BYTES|TIME A|D
# Sort for topsites report, where A=Ascendent, D=Descendent
#topsites_sort_order CONNECT D
TAG: index_sort_order A/D
# Sort for index.html, where A=Ascendent, D=Descendent
#index_sort_order D
TAG: exclude_codes file
# Ignore records with these codes. Eg.: NONE/400
# Write one code per line. Lines starting with a # are ignored.
# Only codes matching exactly one of the line is rejected. The
# comparison is not case sensitive.exclude_codes /usr/pbi/sarg-i386/etc/sarg/exclude_codes
TAG: replace_index string
# Replace "index.html" in the main index file with this string
# If null "index.html" is used#replace_index
TAG: max_elapsed milliseconds
# If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time.
# Use 0 for no checking#max_elapsed 28800000
8 Hours
max_elapsed 0
TAG: report_type type
# What kind of reports to generate.
# topusers - users, sites, times, bytes, connects, links to accessed sites, etc
# topsites - site, connect and bytes report
# sites_users - users and sites report
# users_sites - accessed sites by the user report
# date_time - bytes used per day and hour report
# denied - denied sites with full URL report
# auth_failures - autentication failures report
# site_user_time_date - sites, dates, times and bytes report
# downloads - downloads per user report# Eg.: report_type topsites denied
#report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
report_type topusersTAG: usertab filename
# You can change the "userid" or the "ip address" to be a real user name on the reports.
# If resolve_ip is active, the ip address is resolved before being looked up into this
# file. That is, if you want to map the ip address, be sure to set resolv_ip to no or
# the resolved name will be looked into the file instead of the ip address. Note that
# it can be used to resolve any ip address known to the dns and then map the unresolved
# ip addresses to a name found in the usertab file.
# Table syntax:
# userid name or ip address name
# Eg:
# SirIsaac Isaac Newton
# vinci Leonardo da Vinci
# 192.168.10.1 Karol Wojtyla# Each line must be terminated with '\ n'
# If usertab have value "ldap" (case ignoring), user names
# will be taken from LDAP server. This method as approaches for reception
# of usernames from Active Didectory#usertab none
usertab noneTAG: LDAPHost hostname
# FQDN or IP address of host with LDAP service or AD DC
# default is '127.0.0.1'
#LDAPHost 127.0.0.1TAG: LDAPPort port
# LDAP service port number
# default is '389'
#LDAPPort 389TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
# DN of LDAP user, who is authorized to read user's names from LDAP base
# default is empty line
#LDAPBindDN cn=proxy,dc=mydomain,dc=localTAG: LDAPBindPW secret
# Password of DN, who is authorized to read user's names from LDAP base
# default is empty line
#LDAPBindPW secretTAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
# LDAP search base
# default is empty line
#LDAPBaseSearch ou=users,dc=mydomain,dc=localTAG: LDAPFilterSearch (uid=%s)
# User search filter by user's logins in LDAP
# First founded record will be used
# %s - will be changed to userlogins from access.log file
# filter string can have up to 5 '%s' tags
# default value is '(uid=%s)'
#LDAPFilterSearch (uid=%s)TAG: LDAPTargetAttr attributename
# Name of the attribute containing a name of the user
# default value is 'cn'
#LDAPTargetAttr cnTAG: long_url yes|no
# If yes, the full url is showed in report.
# If no, only the site will be showed# YES option generate very big sort files and reports.
long_url no
TAG: date_time_by bytes|elap
# Date/Time reports show the downloaded volume or the elapsed time or both.
#date_time_by bytes
date_time_by bytesTAG: charset name
# ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
# graphic character sets for writing in alphabetic languages
# You can use the following charsets:
# Latin1 - West European
# Latin2 - East European
# Latin3 - South European
# Latin4 - North European
# Cyrillic
# Arabic
# Greek
# Hebrew
# Latin5 - Turkish
# Latin6
# Windows-1251
# Japan
# Koi8-r
# UTF-8#charset Latin1
charset UTF-8TAG: user_invalid_char "&/"
# Records that contain invalid characters in userid will be ignored by Sarg.
#user_invalid_char "&/"
TAG: privacy yes|no
# privacy_string "..."
# privacy_string_color blue
# In some countries the sysadm cannot see the visited sites by a restrictive law.
# Using privacy yes the visited url will be changes by privacy_string and the link
# will be removed from reports.privacy no
#privacy_string "..."
#privacy_string_color blueTAG: include_users "user1:user2:…:usern"
# Reports will be generated only for listed users.
#include_users none
TAG: exclude_string "string1:string2:...:stringn"
# Records from access.log file that contain one of listed strings will be ignored.
#exclude_string none
TAG: show_successful_message yes|no
# Shows "Successful report generated on dir" at end of process.
#show_successful_message yes
TAG: show_read_statistics yes|no
# Shows some reading statistics.
#show_read_statistics yes
TAG: topuser_fields
# Which fields must be in Topuser report.
#topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
TAG: user_report_fields
# Which fields must be in User report.
#user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
TAG: bytes_in_sites_users_report yes|no
# Bytes field must be in Site & Users Report ?
#bytes_in_sites_users_report no
bytes_in_sites_users_report noTAG: topuser_num n
# How many users in topsites report. 0 = no limit
#topuser_num 0
topuser_num 0TAG: datafile file
# Save the report results in a file to populate some database
#datafile none
TAG: datafile_delimiter " "
# ascii character to use as a field separator in datafile
#datafile_delimiter ""
TAG: datafile_fields all
# Which data fields must be in datafile
# user;date;time;url;connect;bytes;in_cache;out_cache;elapsed#datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
TAG: datafile_url ip|name
# Saves the URL as ip or name in datafile
#datafile_url ip
TAG: weekdays
# The weekdays to take into account ( Sunday->0, Saturday->6 )
Example:
#weekdays 1-3,5
Default:
#weekdays 0-6
TAG: hours
# The hours to take into account
Example:
#hours 7-12,14,16,18-20
Default:
#hours 0-23
TAG: dansguardian_conf file
# DansGuardian.conf file path
# Generate reports from DansGuardian logs.
# Use 'none' to disable it.
# dansguardian_conf /usr/dansguardian/dansguardian.confdansguardian_conf
TAG: dansguardian_filter_out_date on|off
# This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action.
# Note the change of parameter value compared with the old option.
# 'off' use the record even if its date is outside of the range found in the input log file.
# 'on' use the record only if its date is in the range found in the input log file.TAG: squidguard_conf file
# path to squidGuard.conf file
# Generate reports from SquidGuard logs.
# Use 'none' to disable.
# You can use sarg -L filename to use an alternate squidGuard log.
# squidguard_conf /usr/local/squidGuard/squidGuard.confTAG: redirector_log file
# the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option
# may be repeated up to 64 times to read multiple files.
# If this option is specified, it takes precedence over squidguard_conf.
# The command line option -L override this option.#redirector_log /usr/local/squidGuard/var/logs/urls.log
TAG: redirector_filter_out_date on|off
# This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not
# appropriate with respect to their action.
# Note the change of parameter value compared with the old options.
# 'off' use the record even if its date is outside of the range found in the input log file.
# 'on' use the record only if its date is in the range found in the input log file.#redirector_filter_out_date on
TAG: redirector_log_format
# Format string for web proxy redirector logs.
# This option was named squidguard_log_format before sarg 2.3.
# REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
# SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
#redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#TAG: show_sarg_info yes|no
# shows sarg information and site path on each report bottom
show_sarg_info no
TAG: show_sarg_logo yes|no
# shows sarg logo
show_sarg_logo no
TAG: parsed_output_log directory
# Saves the processed log in a sarg format after parsing the squid log file.
# This is a way to dump all of the data structures out, after parsing from
# the logs (presumably this data will be much smaller than the log files themselves),
# and pull them back in for later processing and merging with data from previous logs.#parsed_output_log none
TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
# Command to run to compress sarg parsed output log. It may contain
# options (such as -f to overwrite existing target file). The name of
# the file to compresse is provided at the end of this
# command line. Don't forget to quote things appropriately.#parsed_output_log_compress /bin/gzip
TAG: displayed_values bytes|abbreviation
# how the values will be displayed in reports.
# eg. bytes - 209.526
# abbreviation - 210K#displayed_values bytes
displayed_values bytesReport limits
TAG: authfail_report_limit n
TAG: denied_report_limit n
TAG: siteusers_report_limit n
TAG: squidguard_report_limit n
TAG: user_report_limit n
TAG: dansguardian_report_limit n
TAG: download_report_limit n
# report limits (lines).
# '0' no limit#authfail_report_limit 10
authfail_report_limit 0
#denied_report_limit 10
denied_report_limit 0
#siteusers_report_limit 0
#squidguard_report_limit 10
#dansguardian_report_limit 10
#user_report_limit 10
#user_report_limit 50
siteusers_report_limit 0
user_report_limit 0TAG: www_document_root dir
# Where is your Web DocumentRoot
# Sarg will create sarg-php directory with some PHP modules:
# - sarg-squidguard-block.php - add urls from user reports to squidGuard DB#www_document_root /var/www/html
www_document_root /usr/local/wwwTAG: block_it module_url
# This tag allow you to pass urls from user reports to a cgi or php module,
# to be blocked by some Squid acl# Eg.: block_it /sarg-php/sarg-block-it.php
# sarg-block-it is a php that will append a url to a flat file.
# You must change /var/www/html/sarg-php/sarg-block-it to point to your file
# in variable, and chown to a httpd owner.# sarg will pass http://module_url?url=url
#block_it none
TAG: external_css_file path
# Provide the path to an external css file to link into the HTML reports instead of
# the inline css written by sarg when this option is not set.# In versions prior to 2.3, this used to be an absolute file name to
# a file to include verbatim in each HTML page but, as it takes a lot of
# space, version 2.3 switched to a link to an external css file.
# Therefore, this option must contain the HTTP server path on which a client
# browser may find the css file.# Sarg use theses style classes:
# .logo logo class
# .info sarg information class, align=center
# .title_c title class, align=center
# .header_c header class, align:center
# .header_l header class, align:left
# .header_r header class, align:right
# .text text class, align:right
# .data table text class, align:right
# .data2 table text class, align:left
# .data3 &nb