Monitoring proxy server squid pfsense 2.0.1 ? how to
-
Hi,
Is there any way to monitor traffic that is coming on wan interface when proxy is used ?
I have a proxy server on wan working on a port(squid package), when somewhere is used my ext ip or dyn dns as a proxy on a specified port , can these traffic be monitorized from dashboard where squid is installed on pfsense 2.0.1 pc platform ? and if so how is there some package or something ? i also whant to see ips from pages that are accessed from where proxy is used(sorry for these expression i'm not sure if acessed pages are called 'states') …can these be done somehow ?Thanks !
-
Sarg package has a real-time report viewer for squid.
squid built in cachemanager.cgi could be an option too. -
Hi,
Thanks for your reply.
I installed package…but it's not working right now i get this:Error: Could not find report index file.
Check sarg settings and try to force sarg schedule.I have to create in /var/squid/logs/access.log but i don't know how
-
Enable squid logs on gui first.
-
Done, it' enable.
But i still get this Error: Could not find report index file.
Check sarg settings and try to force sarg schedule.
I add a schedule for one hour i also tryed a real time report…
I mention that right now proxy is not in use ! service is started but it's not use...(it's a proxy on wan)Thanks
-
what you got on realtime tab?
-
See picture i pusshed show log
I think is not working because proxy is not use what should be in report if is not use….
But i don't know why i m getting index eror from above:( still after enable like you said ?/var/squid/logs/access.log is there empty now but still...index error
Thanks ! I just saw that package is created by you and how is working in some posts....i didn't thought that will be so detailed
-
From other posts sarg is not using the right path…wich one is the good one /var/squid/log/access.log or /var/squid/logs/access.log ? i copied from /var/squid/logs/access.log in /var/squid/logs/access.log but still nothing...the same error with index
-
The path on squid.conf by default is /var/squid/logs/access.log.
-
realtime report is working :D i test it when proxy is in use is working fine :D but in view report i still get index error
-
realtime report is working :D i test it when proxy is in use is working fine :D but in view report i still get index error
good news!
now, try to run sarg on console/ssh to see if it return erros.
-
Result :
SARG: Records in file: 102, reading: 100.00%
SARG: Successful report generated on /usr/local/www/sarg-reports/2012/05/07I checked and sites are there in report :D checked manually …with edit file/browse
In system logs :
May 7 22:00:01 php: : Sarg: force refresh now with '' args and none action after sarg finish.
May 7 22:00:01 php: : The command '/usr/local/bin/sarg ' returned exit code '1', the output was 'SARG: Records in file: 103, reading: 0.00%^MSARG: cannot open /usr/local/www/sarg-reports/2012/05/07/sarg-date for writing SARG:: No such file or directory SARG: Records in file: 103, reading: 100.00%' -
Hai Guys,
I found why this error is happening. the sarg_reports.php is looking for the index.html file in sarg-reports/index.html, which is not there. Basically the default installation of sarg in Fedora and Centos is giving us a "report" directory format like the following. /var/www/html/reports/index.html. This index.html is generated when using "sarg -x " command ,which contains all the report details.But in PfSense Sarg ,the directory structure is little-bit different. I dont know why and how to solve this.If you are placing one index.html file in "/usr/local/www/sarg-reports/" ,the webconfigurator will show that "index.html" while taking "Status->sarg Reports-> View Reports".
The directory structure of Sarg in Pfsense is as this "sarg-reports/"year"/"month"/"date"/index.html"( Actual Sarg directory structure "sarg-reports/index.html" + lot of directory in "yyyy-mm-dd"). The configuration of this sarg_reports.php is given in sarg_frame.php,where the path of report file is given.
I am struck with this error ..Can any one give further tips in the topic….........!!!
Thanks
Pramod -
fyi the lightsquid package also has realtime monitoring now
-
linuxmaniac,
What options did you selected on sarg config page? did you created the schedules to run sarg?
I have reports working with these report options selected:
user graphics
remove temporary files
generate the main index
generate the index tree
overwrite report
use comma instead pint in reports
show de downloaded volume ond date/time reportsand all report to generate selected
-
Hai Marcelloc,
I got that ;D. Your information was very helpful…Its solved my problem....Many thanks..... :D
-
Great post, solved my "problem" (=wrong configuration) to!
-
Guys,
Those settings mentioned by marceloc are resolving index error ?
If yes how exactly can be changed ? (yes) (no) from report settings ?Thanks !
-
Just select them using ctrl + click. The (yes) and (no) are there just to show you what values are default on sarg configuration.
-
Now is working finally, thanks a lot !!
-
linuxmaniac,
What options did you selected on sarg config page? did you created the schedules to run sarg?
I have reports working with these report options selected:
user graphics
remove temporary files
generate the main index
generate the index tree
overwrite report
use comma instead pint in reports
show de downloaded volume ond date/time reportsand all report to generate selected
Hi - I've followed this approach it seems to work. However, I seem to get "gaps" in the report. If I attempt to click on any of the day hyperlinks under the FILE/PERIOD column where there are '0' values under USERS, BYTES or AVERAGE, Sarg immediately returns:
Error: Could not find report index file.
Check and save sarg settings and try to force sarg schedule.My schedule is set as follows (no Additional Args defined)
Status Update Frequency Aditional Args Post Action Description
on 1d both Rotate Logs Restart Daemon
on 1h none No Rotate No RestartFILE/PERIOD CREATION DATE USERS BYTES AVERAGE
2012Jun17-2012Jun26 Tue Jun 26 11:00:09 2012 12 3,776,071,500 314,672,625
2012Jun17-2012Jun25 Tue Jun 26 00:00:11 2012 0 0 0
2012Jun17-2012Jun24 Mon Jun 25 00:00:10 2012 0 0 0
2012Jun17-2012Jun23 Sun Jun 24 00:00:08 2012 0 0 0
2012Jun17-2012Jun22 Fri Jun 22 23:00:07 2012 12 2,368,777,123 197,398,093
2012Jun17-2012Jun21 Fri Jun 22 00:00:06 2012 0 0 0
2012Jun17-2012Jun20 Thu Jun 21 00:00:18 2012 12 1,685,088,876 140,424,073
2012Jun17-2012Jun19 Wed Jun 20 00:00:04 2012 12 1,423,723,046 118,643,587 -
FILE/PERIOD CREATION DATE USERS BYTES AVERAGE
2012Jun17-2012Jun26 Tue Jun 26 11:00:09 2012 12 3,776,071,500 314,672,625
2012Jun17-2012Jun25 Tue Jun 26 00:00:11 2012 0 0 0
2012Jun17-2012Jun24 Mon Jun 25 00:00:10 2012 0 0 0
2012Jun17-2012Jun23 Sun Jun 24 00:00:08 2012 0 0 0
2012Jun17-2012Jun22 Fri Jun 22 23:00:07 2012 12 2,368,777,123 197,398,093
2012Jun17-2012Jun21 Fri Jun 22 00:00:06 2012 0 0 0
2012Jun17-2012Jun20 Thu Jun 21 00:00:18 2012 12 1,685,088,876 140,424,073
2012Jun17-2012Jun19 Wed Jun 20 00:00:04 2012 12 1,423,723,046 118,643,587it looks like your logs are not rotating
try to use sarg args to limit report to one day and check the results.
-d
date +%d/%m/%Y-date +%d/%m/%Y -
marcelloc, it appears to have worked. I actually modified my 1d Sarg schedule to include the arguement exactly as you've written it (and FORCED UPDATE NOW)
Status Update Frequency Aditional Args Post Action Description
on 1d -ddate +%d/%m/%Y-date +%d/%m/%Yboth Rotate Logs Restart DaemonAfter the update, the report output appears as follows. The first line being the result of my forced update.
FILE/PERIOD CREATION DATE USERS BYTES AVERAGE
2012Jun26-2012Jun26 Tue Jun 26 12:20:21 2012 8 66,752,110 8,344,013
2012Jun17-2012Jun26 Tue Jun 26 12:00:09 2012 12 3,816,299,190 318,024,932
2012Jun17-2012Jun25 Tue Jun 26 00:00:11 2012 0 0 0
2012Jun17-2012Jun24 Mon Jun 25 00:00:10 2012 0 0 0
2012Jun17-2012Jun23 Sun Jun 24 00:00:08 2012 0 0 0
2012Jun17-2012Jun22 Fri Jun 22 23:00:07 2012 12 2,368,777,123 197,398,093
2012Jun17-2012Jun21 Fri Jun 22 00:00:06 2012 0 0 0
2012Jun17-2012Jun20 Thu Jun 21 00:00:18 2012 12 1,685,088,876 140,424,073
2012Jun17-2012Jun19 Wed Jun 20 00:00:04 2012 12 1,423,723,046 118,643,587Once it works, is there any way to clear out all of the old log data?
-
i'm also wondering if i could delete old reports….is that possible ? without causing malfunctions
-
i'm also wondering if i could delete old reports….is that possible ? without causing malfunctions
sure, just delete report folder in /usr/local/sarg-reports
-
Error: Could not find report index file.
Check sarg settings and try to force sarg schedule.SOLUCION!!!!
En la Pestaña Schedule una tarea con la Siguiente configuracion:
Descripcion : Nombre que ustedes decidan
Sarg arg: -ddate +%d/%m/%Y-date +%d/%m/%Y
Frecuency: 15mLuego lo guardan y se van a la pestaña general
Seleccionan:user graphics
remove temporary files
generate the main index
generate the index tree
overwrite report
use comma instead pint in reports
show de downloaded volume ond date/time reportsEn la sección REPORT TO GENERATE se seleccionan todos
Se guarda la configuracion y vamos de nuevo a la pestaña de schedule abrimos la tarea y damos en el boton
FORCE UPDATE NOW
Esperamos a que ejecute la tarea y por ultumo vamos al la pestaña donde vemos el reporte!!!!
