PfSense 2.2.6 Report blocked sites with Sarg not working
-
Hi,
I'm using pfSense 2.2.6 with squid3/squidGuard and it works as expected. I would like to view with Sarg Blocked sites from squidGuard. In Sarg Settings page I selected "Proxy Server Squidguard" but generated Access Report does not llist blocked sites and blacklist. In SquidGuard page Settings I enabled "Enable GUI log", "Enable log" and "Enable log rotation".
Thanks in advance for your help
egrep -v '^#|^$' /usr/pbi/sarg-amd64/local/etc/sarg/sarg.conf access_log /var/squid/logs/access.log graphs yes output_dir /usr/local/sarg-reports anonymous_output_files no resolve_ip no user_ip no topuser_sort_field BYTES normal user_sort_field BYTES normal exclude_users /usr/pbi/sarg-amd64/etc/sarg/exclude_users.conf exclude_hosts /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf date_format e lastlog 0 remove_temp_files yes index yes index_tree file overwrite_report no use_comma yes exclude_codes /usr/pbi/sarg-amd64/etc/sarg/exclude_codes max_elapsed 0 report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads usertab none long_url no date_time_by bytes charset UTF-8 privacy no bytes_in_sites_users_report no topuser_num 0 dansguardian_conf squidguard_conf /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end# show_sarg_info no show_sarg_logo no displayed_values bytes authfail_report_limit 0 denied_report_limit 0 siteusers_report_limit 0 user_report_limit 0 squidguard_report_limit 0 www_document_root /usr/local/www ntlm_user_format domainname+username realtime_refresh_time 0 realtime_types GET,PUT,CONNECT realtime_unauthenticated_records show sorttable /sarg_sorttable.js hostalias /usr/pbi/sarg-amd64/etc/sarg/hostalias -
Hi,
Still trying to understand why sarg does not report blocked sites, according to "sarg -xz" output block.log is empty but it is not.
Thx for your help
wc -l /var/squidGuard/log/block.log 502 /var/squidGuard/log/block.log2016-01-05 17:08:44 [82855] Request(default/blk_blacklists_games/-) 1.gravatar.com:443 IP/- - CONNECT REDIRECTsarg -xz SARG: Init SARG: Loading configuration from /usr/local/etc/sarg/sarg.conf SARG: TAG: access_log /var/squid/logs/access.log SARG: TAG: graphs yes SARG: TAG: output_dir /usr/local/sarg-reports SARG: TAG: anonymous_output_files no SARG: TAG: resolve_ip yes SARG: Chaining IP resolving module "dns" SARG: TAG: user_ip no SARG: TAG: topuser_sort_field BYTES normal SARG: TAG: user_sort_field BYTES normal SARG: TAG: exclude_users /usr/pbi/sarg-amd64/etc/sarg/exclude_users.conf SARG: TAG: exclude_hosts /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf SARG: TAG: date_format e SARG: TAG: lastlog 0 SARG: TAG: remove_temp_files yes SARG: TAG: index yes SARG: TAG: index_tree file SARG: TAG: overwrite_report no SARG: TAG: use_comma yes SARG: TAG: exclude_codes /usr/pbi/sarg-amd64/etc/sarg/exclude_codes SARG: TAG: max_elapsed 0 SARG: TAG: report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads SARG: TAG: usertab none SARG: TAG: long_url no SARG: TAG: date_time_by bytes SARG: TAG: charset UTF-8 SARG: TAG: privacy no SARG: TAG: bytes_in_sites_users_report no SARG: TAG: topuser_num 0 SARG: TAG: dansguardian_conf SARG: TAG: squidguard_conf /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf SARG: TAG: redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end# SARG: TAG: show_sarg_info no SARG: TAG: show_sarg_logo no SARG: TAG: displayed_values bytes SARG: TAG: authfail_report_limit 0 SARG: TAG: denied_report_limit 0 SARG: TAG: siteusers_report_limit 0 SARG: TAG: user_report_limit 0 SARG: TAG: squidguard_report_limit 0 SARG: TAG: www_document_root /usr/local/www SARG: TAG: ntlm_user_format domainname+username SARG: TAG: realtime_refresh_time 0 SARG: TAG: realtime_types GET,PUT,CONNECT SARG: TAG: realtime_unauthenticated_records show SARG: TAG: sorttable /sarg_sorttable.js SARG: TAG: hostalias /usr/pbi/sarg-amd64/etc/sarg/hostalias SARG: Loading exclude host file from: /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf SARG: Loading exclude file from: /usr/pbi/sarg-amd64/etc/sarg/exclude_users.conf SARG: Reading host alias file "/usr/pbi/sarg-amd64/etc/sarg/hostalias" SARG: List of host names to alias: SARG: Parameters: SARG: Hostname or IP address (-a) = SARG: Useragent log (-b) = SARG: Exclude file (-c) = /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf SARG: Date from-until (-d) = SARG: Email address to send reports (-e) = SARG: Config file (-f) = /usr/local/etc/sarg/sarg.conf SARG: Date format (-g) = Europe (dd/mm/yyyy) SARG: IP report (-i) = No SARG: Keep temporary files (-k) = No SARG: Input log (-l) = /var/squid/logs/access.log SARG: Resolve IP Address (-n) = Yes SARG: Output dir (-o) = /usr/local/sarg-reports/ SARG: Use Ip Address instead of userid (-p) = No SARG: Accessed site (-s) = SARG: Time (-t) = SARG: User (-u) = SARG: Temporary dir (-w) = /tmp/sarg SARG: Debug messages (-x) = Yes SARG: Process messages (-z) = Yes SARG: Previous reports to keep (--lastlog) = 0 SARG: SARG: sarg version: 2.3.9 Sep-21-2014 SARG: Reading access log file: /var/squid/logs/access.log SARG: Records in file: 2397, reading: 100.00% SARG: Records read: 2397, written: 2397, excluded: 0 SARG: Squid log format SARG: (info) date=06/01/2016 SARG: (info) period=06 Jan 2016 SARG: Period: 06 Jan 2016 SARG: File /usr/local/sarg-reports/06Jan2016-06Jan2016 already exists, moved to /usr/local/sarg-reports/06Jan2016-06Jan2016.1 SARG: (info) outdirname=/usr/local/sarg-reports/06Jan2016-06Jan2016 SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: (info) Dansguardian report not produced because no dansguardian configuration file was provided SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Sorting file: /tmp/sarg/redirector.int_log SARG: (info) No downloaded files to report SARG: (info) Denied report not produced because it is empty SARG: (info) Authentication failures report not produced because it is empty SARG: (info) Redirector report not generated because it is empty SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP7 SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Making index.html SARG: Successful report generated on /usr/local/sarg-reports/06Jan2016-06Jan2016 SARG: Purging temporary file sarg-general SARG: End
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.