http://www.kathmannlabs.net/mediawiki/index.php/Install_&_Configure_SARG
or Installing the Sarg The SARG can be gotten in the following address: http://sarg.sourceforge.net/sarg.php. After downloaded, it unpacks using it the command: # tar -xzvf sarg-1.3-PRE2.tar.gz After that, in the directory where the program was unpacked, it types: # ./configure # make # make install By standard, the SARG is installed in the directory /usr/local/sarg. In the past /etc/sarg/ is that we will find the configuration archive sarg.conf. Configuring the Sarg I go to cite the main parameters and the archive it is explained Defining Language language Portuguese Titulo's Report title "Squid User Access Reports" Directory where it will be generated the reports output_dir /home/squid/report/ To generate reports based on behalf of user (it requires a Proxy configured with authentication of users). user_ip no This option allows to specify the place generated for log theirs Squid # TAG: access_log file # #access_log /usr/local/squid/logs/access.log #access_log /var/log/squid/logs/access.log # RedHat Versão In this option nothing it needs to be modified, therefore the type of access to the site is about the type of report in accordance with. # TAG: report_type type # report_type topsites users_sites sites_users date_time denied auth_failures site_user_time_date The following options exist: Topsites - Sites more visited by passed through connection and bytes. Sites_users - Sample which the users have access a specific site. Users_sites - Sample sites had access for a specific user. Date_time - Bytes utilizados/trafegados per day and hour. Denied - Sample access attempts the sites forbidden for the ACLs. Auth_failures - Sample authentication attempts (error in the typing of authentication password) imperfections of an user. After finished the configuration of the Sarg, is enough to generate the reports and below I go to show some examples of as to use. For example, I want to send email of the report for date: sarg -e [EMAIL PROTECTED] -d 01/01/2003-06/01/2003 Another very cool example that would be for address URL, that in the case would below generate the report alone of the addresses described: sarg -s www.linuxit.com.br, www.myunix.org Configuring the date format sarg -d [e=Europa -> dd/mm/aa], u=EUA -> mm/dd/aa] Report for user and IP sarg -i wrochal 10.100.0.101 Report for hour sarg -t [HH, HH:MM, HH:MM:SS] Report for User sarg -u wrochal Now you are enough to create the report of the skill that you desire and much good luck. Report with exclusion of sites, strings and users Much people ask as to generate report excluding such site, users and strings. Knows as to use this resource: exclude.hosts - Here each line will have one domain/URL that it will not be shown in the report. Useful you to place, for examples, addresses of download of the Intranet that pass for the Squid, but do not spend band of Internet none. It places in the archive sarg.conf: exclude_hosts /etc/sarg/exclude.hosts exclude.strings - if some line of the archive of log to contain one of strings of this archive (each string for line), this line of log will be ignored of the report. With this you can filter any thing of the report. It places in the archive sarg.conf: exclude_string /etc/sarg/exclude.strings exclude.users - the users who will be in this archive (separate for line) will not be enclosed in the report. It places in the archive sarg.conf: exclude_users /etc/sarg/exclude.users or See the README for SARG. http://sarg.sourceforge.net/sarg.README.txt If you use native squid log format, the elapsed time will be in reports (emulate_httpd_log off). 1. run ./configure configure options: --enable-bindir=where sarg binary will be saved default: /usr/bin --enable-sysconfdir - where the configuration directory is default: /usr/local/sarg --enable-htmldir - where the www html root dir is default: /var/www/html --enable-mandir - where the sarg man page will be saved default: /usr/local/man/man1 3. make 4. make install 5. Go to /usr/local/sarg (or file entered with --sysconfdir on configure) and change sarg.conf as you need. 6. Notes about sarg: Date/Time report: Every minute that a request is logged your time is incremented by the smaller of 1 minute or the total time for the requests. Usage: sarg -h Source: http://www.sarg-squid.org/ but as per my personal experience use squid-graph --- In [email protected], Neelesh Raje <[EMAIL PROTECTED]> wrote: > > Dear all, > > Need a document on installation and configuration of SARG > > thanks and regards, > neelesh > > > > > > Be the first one to try the new Messenger 9 Beta! Go to http://in.messenger.yahoo.com/win/ > > [Non-text portions of this message have been removed] >
