Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense 2.2.6 Report blocked sites with Sarg not working

    Scheduled Pinned Locked Moved Cache/Proxy
    2 Posts 1 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DomiX
      last edited by

      Hi,

      I'm using pfSense 2.2.6 with squid3/squidGuard and it works as expected. I would like to view with Sarg Blocked sites from squidGuard. In Sarg Settings page I selected "Proxy Server Squidguard" but generated Access Report does not llist blocked sites and blacklist. In SquidGuard page Settings I enabled "Enable GUI log", "Enable log" and "Enable log rotation".

      Thanks in advance for your help

      
      egrep -v '^#|^$' /usr/pbi/sarg-amd64/local/etc/sarg/sarg.conf
      access_log /var/squid/logs/access.log
      graphs yes
      output_dir /usr/local/sarg-reports
      anonymous_output_files no
      resolve_ip no
      user_ip no
      topuser_sort_field BYTES normal
      user_sort_field BYTES normal
      exclude_users /usr/pbi/sarg-amd64/etc/sarg/exclude_users.conf
      exclude_hosts /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf
      date_format e
      lastlog 0
      remove_temp_files yes
      index yes
      index_tree file
      overwrite_report no
      use_comma yes
      exclude_codes /usr/pbi/sarg-amd64/etc/sarg/exclude_codes
      max_elapsed 0
      report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
      usertab none
      long_url no
      date_time_by bytes
      charset UTF-8
      privacy no
      bytes_in_sites_users_report no
      topuser_num 0
      dansguardian_conf
      squidguard_conf /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf
      redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
      show_sarg_info no
      show_sarg_logo no
      displayed_values bytes
      authfail_report_limit 0
      denied_report_limit 0
      siteusers_report_limit 0
      user_report_limit 0
      squidguard_report_limit 0
      www_document_root /usr/local/www
      ntlm_user_format domainname+username
      realtime_refresh_time 0
      realtime_types GET,PUT,CONNECT
      realtime_unauthenticated_records show
      sorttable /sarg_sorttable.js
      hostalias /usr/pbi/sarg-amd64/etc/sarg/hostalias
      
      
      1 Reply Last reply Reply Quote 0
      • D
        DomiX
        last edited by

        Hi,

        Still trying to understand why sarg does not report blocked sites, according to "sarg -xz" output block.log is empty but it is not.

        Thx for your help

         wc -l /var/squidGuard/log/block.log
             502 /var/squidGuard/log/block.log
        
        
        2016-01-05 17:08:44 [82855] Request(default/blk_blacklists_games/-) 1.gravatar.com:443 IP/- - CONNECT REDIRECT
        
         sarg -xz
        SARG: Init
        SARG: Loading configuration from /usr/local/etc/sarg/sarg.conf
        SARG: TAG: access_log /var/squid/logs/access.log
        SARG: TAG: graphs yes
        SARG: TAG: output_dir /usr/local/sarg-reports
        SARG: TAG: anonymous_output_files no
        SARG: TAG: resolve_ip yes
        SARG: Chaining IP resolving module "dns"
        SARG: TAG: user_ip no
        SARG: TAG: topuser_sort_field BYTES normal
        SARG: TAG: user_sort_field BYTES normal
        SARG: TAG: exclude_users /usr/pbi/sarg-amd64/etc/sarg/exclude_users.conf
        SARG: TAG: exclude_hosts /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf
        SARG: TAG: date_format e
        SARG: TAG: lastlog 0
        SARG: TAG: remove_temp_files yes
        SARG: TAG: index yes
        SARG: TAG: index_tree file
        SARG: TAG: overwrite_report no
        SARG: TAG: use_comma yes
        SARG: TAG: exclude_codes /usr/pbi/sarg-amd64/etc/sarg/exclude_codes
        SARG: TAG: max_elapsed 0
        SARG: TAG: report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
        SARG: TAG: usertab none
        SARG: TAG: long_url no
        SARG: TAG: date_time_by bytes
        SARG: TAG: charset UTF-8
        SARG: TAG: privacy no
        SARG: TAG: bytes_in_sites_users_report no
        SARG: TAG: topuser_num 0
        SARG: TAG: dansguardian_conf
        SARG: TAG: squidguard_conf /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf
        SARG: TAG: redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
        SARG: TAG: show_sarg_info no
        SARG: TAG: show_sarg_logo no
        SARG: TAG: displayed_values bytes
        SARG: TAG: authfail_report_limit 0
        SARG: TAG: denied_report_limit 0
        SARG: TAG: siteusers_report_limit 0
        SARG: TAG: user_report_limit 0
        SARG: TAG: squidguard_report_limit 0
        SARG: TAG: www_document_root /usr/local/www
        SARG: TAG: ntlm_user_format domainname+username
        SARG: TAG: realtime_refresh_time 0
        SARG: TAG: realtime_types GET,PUT,CONNECT
        SARG: TAG: realtime_unauthenticated_records show
        SARG: TAG: sorttable /sarg_sorttable.js
        SARG: TAG: hostalias /usr/pbi/sarg-amd64/etc/sarg/hostalias
        SARG: Loading exclude host file from: /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf
        SARG: Loading exclude file from: /usr/pbi/sarg-amd64/etc/sarg/exclude_users.conf
        SARG: Reading host alias file "/usr/pbi/sarg-amd64/etc/sarg/hostalias"
        SARG: List of host names to alias:
        SARG: Parameters:
        SARG:           Hostname or IP address (-a) =
        SARG:                    Useragent log (-b) =
        SARG:                     Exclude file (-c) = /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf
        SARG:                  Date from-until (-d) =
        SARG:    Email address to send reports (-e) =
        SARG:                      Config file (-f) = /usr/local/etc/sarg/sarg.conf
        SARG:                      Date format (-g) = Europe (dd/mm/yyyy)
        SARG:                        IP report (-i) = No
        SARG:             Keep temporary files (-k) = No
        SARG:                        Input log (-l) = /var/squid/logs/access.log
        SARG:               Resolve IP Address (-n) = Yes
        SARG:                       Output dir (-o) = /usr/local/sarg-reports/
        SARG: Use Ip Address instead of userid (-p) = No
        SARG:                    Accessed site (-s) =
        SARG:                             Time (-t) =
        SARG:                             User (-u) =
        SARG:                    Temporary dir (-w) = /tmp/sarg
        SARG:                   Debug messages (-x) = Yes
        SARG:                 Process messages (-z) = Yes
        SARG:  Previous reports to keep (--lastlog) = 0
        SARG:
        SARG: sarg version: 2.3.9 Sep-21-2014
        SARG: Reading access log file: /var/squid/logs/access.log
        SARG: Records in file: 2397, reading: 100.00%
        SARG:    Records read: 2397, written: 2397, excluded: 0
        SARG: Squid log format
        SARG: (info) date=06/01/2016
        SARG: (info) period=06 Jan 2016
        SARG: Period: 06 Jan 2016
        SARG: File /usr/local/sarg-reports/06Jan2016-06Jan2016 already exists, moved to /usr/local/sarg-reports/06Jan2016-06Jan2016.1
        SARG: (info) outdirname=/usr/local/sarg-reports/06Jan2016-06Jan2016
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: Sorting log /tmp/sarg/IP.user_unsort
        SARG: Making file: /tmp/sarg/IP
        SARG: (info) Dansguardian report not produced because no dansguardian configuration file was provided
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log
        SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log
        SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log
        SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log
        SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Reading redirector log file /var/squidGuard/log/block.log
        SARG: Sorting file: /tmp/sarg/redirector.int_log
        SARG: (info) No downloaded files to report
        SARG: (info) Denied report not produced because it is empty
        SARG: (info) Authentication failures report not produced because it is empty
        SARG: (info) Redirector report not generated because it is empty
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP7
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Sorting file: /tmp/sarg/IP.utmp
        SARG: Making report: IP
        SARG: Making index.html
        SARG: Successful report generated on /usr/local/sarg-reports/06Jan2016-06Jan2016
        SARG: Purging temporary file sarg-general
        SARG: End
        
        
        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.