It looks like these are for just the squid logs which are in /var/logs/squid/ squidguard's logs are in /var/squidGuard/
This is what all of the log files look like for squidguard [EMAIL PROTECTED] squidGuard]# ll total 4832 -rw-r--r-- 1 squid squid 0 Jun 4 13:10 ads -rw-r--r-- 1 squid squid 0 Jul 9 04:02 aggressive -rw-r--r-- 1 squid squid 134 Jul 9 04:02 aggressive.1.gz -rw-r--r-- 1 squid squid 127 Jul 12 16:29 audio-video -rw-r--r-- 1 squid squid 275 Jul 11 04:03 audio-video.1.gz -rw-r--r-- 1 squid squid 193 Jul 8 04:02 audio-video.2.gz -rw-r--r-- 1 squid squid 2530 Jul 13 10:58 drugs -rw-r--r-- 1 squid squid 523 Jul 11 04:03 drugs.1.gz -rw-r--r-- 1 squid squid 368 Jul 7 04:03 drugs.2.gz -rw-r--r-- 1 squid squid 389 Jul 12 16:49 gambling -rw-r--r-- 1 squid squid 561 Jul 11 04:03 gambling.1.gz -rw-r--r-- 1 squid squid 425 Jul 7 04:03 gambling.2.gz -rw-r--r-- 1 squid squid 8470 Jul 13 14:44 hacking -rw-r--r-- 1 squid squid 1309 Jul 11 04:03 hacking.1.gz -rw-r--r-- 1 squid squid 720 Jul 7 04:03 hacking.2.gz -rw-r--r-- 1 squid squid 0 Jun 4 13:10 local-block -rw-r--r-- 1 squid squid 0 Jul 8 15:17 local-denied -rw-r--r-- 1 squid squid 0 Jun 4 13:10 mail -rw-r--r-- 1 squid squid 39711 Jul 13 15:43 porn -rw-r--r-- 1 squid squid 16918 Jul 11 04:03 porn.1.gz -rw-r--r-- 1 squid squid 3608 Jul 7 04:03 porn.2.gz -rw-r--r-- 1 squid squid 1984 Jun 13 04:02 porn.3.gz -rw-r--r-- 1 squid squid 2399 Jun 8 04:02 porn.4.gz -rw-r--r-- 1 squid squid 0 Jun 4 13:10 proxy -rw-r--r-- 1 squid squid 0 Jul 6 10:29 redirector -rw-r--r-- 1 squid squid 4788281 Jul 13 05:06 squidGuard.log -rw-r--r-- 1 squid squid 0 Jul 13 04:02 violence -rw-r--r-- 1 squid squid 130 Jul 13 04:02 violence.1.gz -rw-r--r-- 1 squid squid 0 Jul 7 04:03 warez -rw-r--r-- 1 squid squid 118 Jul 7 04:03 warez.1.gz Here is a sample of the hacking file: [EMAIL PROTECTED] squidGuard]# head hacking 2004-07-12 10:08:03 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/589/ 192.168.6.5/- - GET 2004-07-12 10:28:19 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/610/ 192.168.2.102/- - GET 2004-07-12 11:05:12 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/168/?h=http://servedby.advertising.com/click/site=0000147015/mnum=0000172372/optn=64?trg= 192.168.2.106/- - GET 2004-07-12 11:16:21 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/168/?h=http://servedby.advertising.com/click/site=0000147015/mnum=0000172372/optn=64?trg= 192.168.2.105/- - GET 2004-07-12 11:42:56 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/589/ 192.168.6.4/- - GET 2004-07-12 11:43:28 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/589/ 192.168.6.4/- - GET 2004-07-12 11:43:32 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/589/ 192.168.6.4/- - GET 2004-07-12 11:43:38 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/589/ 192.168.6.4/- - GET 2004-07-12 11:43:41 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/589/ 192.168.6.4/- - GET 2004-07-12 12:11:29 [30516] Request(default/hacking/-) http://webpdp.gator.com/4/placement/610/ 192.168.2.104/- - GET On Tue, 13 Jul 2004 15:18:50 -0500, Dustin Schwacke <[EMAIL PROTECTED]> wrote: > If I am not mistaken, squid can output its logs in a Common Logfile > Format that Webalizer can parse and use. > > http://www.squid-cache.org/Scripts/ > > Drag0n > [EMAIL PROTECTED] > > > > Adam Melancon wrote: > > Hello everyone, > > > > I have built a squidguard box for the vermilion parish library and I > > would like to have some sort of web based statistics for my squidguard > > logs like i have using webalizer for apache logs. > > > > I was curious if anyone knows of any log analyzer for squidguard besides > > SARG. > > I've tried SARG, but couldn't get it working correctly. > > Almost everything I have seen has mainly been for just squid not squidguard. > > > > It was time to renew our Iprism filter and it was just way too much > > money to spend on filtering, espically since I knew that we would have > > to renew again in another three years, so I took the squidguard route. > > I have even done some tweaking to get the squidguard webmin module > > working with it the way I want so I can block/unblock certain sites or > > enter ip addresses to allow full access if we need. > > > > Right now the way I'm viewing the logs is by linking the > > /var/log/squidGuard/ directory to /var/www/html/. > > > > Any thoughts? > > > > > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net > -- Adam Melancon Work: http://www.vermilion.lib.la.us Personal: http://www.melancon.org
