Sarg Reports Upgrade to 0.6.5
-
I have upgraded to this version on a 64 bit system. I used the fix to make the reports generate and display. Now the only way it seems to work is if I have squid set as the daemon. I want dansguardian to supply the reports not squid. I did a package reinstall and same results. Now during Sarg bootup I get a warning "mkdir" file exist line 323 sarg.inc file. I found the line of code and it has a numerical value set. This is the line of code reported back from PFSense. mkdir($dir, 0755, true);
Thanks in advance. I got this much corrected it seems just by setting squid as the proxy server in Sarg. Now if I put it back to Dansguardian and try to view realtime then nothing is displayed and no errors are received. -
What's the problem with using Squid as the data source for Sarg instead of DG? Squid's access.log holds every URL fetched.
-
It list the loopback address instead of client IP.
-
Strange. I haven't seen that before. My access logs have the IP of the client making the request.
-
I am running transparent proxy with a forced redirect to dansguardian. So I believe that is why I have the loopback displayed when using squid. When using dansguardian I get client IP's listed. I have learned that the previous workaround to fix this no longer works because the reports are not in that directory now. ????
-
Well Sarg is now up to 0.6.8 and I have noticed that my scheduled job crashes after a few hours. Real time is not displaying anything either. So I did some digging. I have deleted my schedule and now using cron to run it for me using the command line/commands. Going to let it run for a couple days and see how it goes. Will update then.
-
Ok. Good news. I have had positive results here. Sarg is compiling reports for four days now and real-time has not crashed either. So if you are having any problems here is what I have done to resolve reporting issues. This is on a 64-bit system.
This is for a transparent proxy with a port foward redirect to dansguardian. My Sarg config pulls its' reports from the dansguardian access log. Not the squid log. I do not know of any issues with any different proxy and Sarg config.
1. Navigate to /var/log/dansguardian and delete all access logs in this directory.
2. Create a schedule in Sarg to get all necessary directories and access logs created. Force a report update and save it. Navigate to var/log/dansguardian. Here you need to see access.log.
Now navigate to usr/pbi/sarg-amd64/local. Here you need to see the sarg-reports directory. You may need to restart the firewall as I did. When you have all directories and files proceed to
the next step.3. Run these commands.
rm -rf /usr/local/sarg-reports
ln -s /usr/pbi/sarg-amd64/local/sarg-reports /usr/local/sarg-reportsForce a report update
Navigate to /usr/local/ you should see the linked sarg-reports directory. If it is a file and not a directory delete the file and run step 3 again. You should now have a directory and Sarg should
now be able to retrieve the reports.HOLD ON! We're not done yet.
Now delete the schedule you created in Sarg. You will need to have cron installed for the next steps.
Create these jobs in the cron utility. The time can be of your preference. The who and command fields are most important here. Also I would keep the wildcards where they are.
minute hour mday month wday who command
0 */8 * * * root /usr/local/etc/rc.d/squid.sh
0 */8 * * * root /usr/pbi/sarg-amd64/bin/sargThese two commands restart the proxy and run sarg reporting at the command line level. A cron command is created by the schedule you create in Sarg but from what I have gathered it is broken for some reason after a couple of days of reporting and the logs are not showing any errors related to this which is what confused me.
With what I have done here I have not had any issues with reporting or real-time crashing thus far.
Good Luck! Hope this helps you.
