Sarg is a Squid Analysis Report Generator that allow you to view "where" your users
are going to on the Internet.
Sarg generate reports in html, with many fields, like: users, IP Addresses, bytes, sites and times.
Support to SmartFilter added - 09/02/2000
Special thanks to:
Matteo Colombo - Italian language
Palamarchuk Eugen - Russian language
Csaba Kabai - Hungarian language
Evren Yurtesen - Turkish language
Andreas Piek - German language
Fred Pacquier - French language
Leonardo A. D'Angelo - Spanish language
Seth Mos - Dutch language
Milos Prudek - Czech language
Dima I. Allaverdov - Russian_windows1251 language
V Gatut Harijiso - Indonesian language
Ivan Minchev - Bulgarian_windows1251 language
Akira Kitamura - Japanese language
Radovan Drobnjakovic - Serbian language
Pieter Kooistra - Dutch language fix
Andrew Okhmat - Russian Koi8 language fixed
Nikolai V. Ivanyushin - Russian and Bulgarian language fix
Juris Valdovskis - Latvian language
Jordan Kanev - Bulgarian language fix
Wszebor Boksa - Polish language
Adi Cretu - Romanian language
Translating
. Copy include/English to YourLanguage
. Translate YourLanguage
. Send YourLanguage to to implement
If you use native squid log format, the elapsed time will be in reports (emulate_httpd_log off).
1. run ./configure
configure options: --enable-bindir=where sarg binary will be saved
default: /usr/bin
--enable-sysconfdir - where the configuration directory is
default: /usr/local/sarg
--enable-mandir - where the sarg man page will be saved
default: /usr/local/man/man1
3. make
4. make install
5. Go to /usr/local/sarg (or file entered with --sysconfdir on configure)
and change sarg.conf as you need.
6. Notes about sarg:
Date/Time report:
Every minute that a request is logged your time is incremented by the smaller
of 1 minute or the total time for the requests.
Usage: sarg -h
Source:
Any suggests and/or comments, plase:
# sarg.conf
#
# TAG: language
# Available languages:
# Bulgarian_windows1251
# Czech
# Dutch
# English
# French
# German
# Hungarian
# Indonesian
# Italian
# Japanese
# Latvian
# Polish
# Portuguese
# Romanian
# Russian_koi8
# Russian_windows1251
# Serbian
# Spanish
# Turkish
#
#language English
# TAG: access_log file
# Where is the access.log file
# sarg -l file
#
#access_log /usr/local/squid/logs/access.log
#access_log /var/log/squid/access.log # RedHat version
# TAG: title
# Especify the title for html page.
#
#title "Squid User Access Reports"
# TAG: font_face
# Especify the font for html page.
#
#font_face Arial
# TAG: header_color
# Especify the header color
#
#header_color darkblue
# TAG: header_bgcolor
# Especify the header bgcolor
#
#header_bgcolor blanchedalmond
# TAG: font_size
# TAG: font_size
# Especify the font size
#
#header_font_size -1
# TAG: background_color
# TAG: background_color
# Html page background color
#
#background_color white
# TAG: text_color
# Html page text color
#
#text_color black
# TAG: text_bgcolor
# Html page text background color
#
#text_bgcolor beige
# TAG: title_color
# Html page title color
#
#title_color green
# TAG: logo_image
# Html page logo.
#
#logo_image none
# TAG: logo_text
# Html page logo text.
#
#logo_text ""
# TAG: logo_text_color
# Html page logo texti color.
#
#logo_text_color black
# TAG: logo_image_size
# Html page logo image size.
# width height
#
#image_size 80 45
# TAG: background_image
# Html page background image
#
#background_image none
# TAG: password
# User password file used by authentication
# If you put here, reports will be generated only for users in.
#
#password none
# TAG: temporary_dir
# Temporary directory name
# sarg -w dir
#
#temporary_dir /tmp
# TAG: output_dir
# Where is the reports will ne stored.
# sarg -o dir
#
#output_dir /usr/local/etc/httpd/htdocs/squid-reports
#output_dir /home/httpd/html/squid-reports # RedHat version
# TAG: output_email
# Email address to send the reports
# sarg -e email
#
#output_email none
# TAG: resolve_ip yes/no
# Convert ip address to dns name
# sarg -n
#resolve_ip no
# TAG: user_ip yes/no
# Use Ip Address instead userid (reports)
# sarg -p
#user_ip no
# TAG: topuser_sort_field field normal/reverse
# Sort field for the Topuser Report.
# Allowed fields: USER CONNECT BYTES TIME
#
#topuser_sort_field BYTES reverse
# TAG: user_sort_field field normal/reverse
# Sort field for the User Report.
# Allowed fields: SITE CONNECT BYTES TIME
#
#user_sort_field BYTES reverse
# TAG: exclude_users file
# users within the file will be excluded from reports.
# you can use indexonly to have only index.html file.
#
#exclude_users none
# TAG: exclude_hosts file
# Hosts, domains or subnets will be excluded from reports.
#
# Eg.: 192.168.10.10 - exclude ip address only
# 192.168.10.0 - exclude full C class
# s1.acme.foo - exclude hostname only
# acme.foo - exclude full domain name
#
#exclude_hosts none
# TAG: useragent_log file
# Put here where is useragent.log to nable useragent report.
#
#useragent_log none
# TAG: date_format
# Date format in reports: e (Europe=dd/mm/yy), u (USA=mm/dd/yy), w (Weekly=yy.ww)
#date_format u
# TAG: per_user_limit file MB
# Save userid on file if download exceed n MB.
#
# This option can be used to disable user access if user exceed a download limit.
#per_user_limit none
# TAG: lastlog n
# How many reports files must be keept in reports directory.
# The oldest report file will be automatically removed.
# 0 - no limit.
#
#lastlog 0
# TAG: remove_temp_files yes
# Remove temporary files: geral, usuarios, top, periodo from root report directory.
#
#remove_temp_files yes
# TAG: index yes|no|only
# Generate the main index.html.
# only - generate only the main index.html
#
#index yes
# TAG: overwrite_report yes|no
# yes - if report date already exist then will be overwrited.
# no - if report date already exist then will be renamed to filename.n, filename.n+1
#
#overwrite_report no
# TAG: records_without_userid ignore|ip|everybody
# What can I do with records without user id (no authentication) in access.log file ?
#
# ignore - This record will be ignored.
# ip - Use ip address instead. (default)
# everybody - Use "everybody" instead.
#
#records_without_userid ip
# TAG: use_comma no|yes
# Use comma instead point in reports.
# Eg.: use_comma yes => 23,450,110
# use_comma no => 23.450.110
#
#use_comma no
# TAG: mail_utility mail|mailx
# Mail command to use to send reports via SMTP
#
#mail_utility mailx
# TAG: topsites_num n
# How many sites in topsites report.
#
#topsites_num 100
# TAG: topsites_sort_order CONNECT|BYTES A|D
# Sort for topsites report, where A=Ascendent, D=Descendent
#
#topsites_sort_order CONNECT D
# TAG: exclude_codes file
# Ignore records with these codes. Eg.: NONE/400
#
#exclude_codes /usr/local/sarg/exclude_codes
# TAG: replace_index string
# Replace "index.html" in the main index file with this string
# If null "index.html" is used
#
#replace_index
# TAG: max_elapsed milliseconds
# If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time.
# Use 0 for no checking
#
#max_elapsed 0
# 8 Hours
max_elapsed 28800000
# TAG: report_type type
# What kind of reports to generate.
# topsites - shows the site, connect and bytes
# sites_users - shows which users were accessing a site
# users_sites - shows sites accessed by the user
# date_time - shows the amount of bytes used by day and hour
# denied - show all denied sites with full URL
# auth_failures - show autentication failures
#
# Eg.: report_type topsites denied
#
#report_type topsites users_sites sites_users date_time denied auth_failures site_user_time_date
# TAG: usertab filename
# You can change the "userid" or the "ip address" to be a real user name on the rpeorts.
# Table syntax:
# userid name or ip address name
# Eg:
# SirIsaac Isaac Newton
# vinci Leonardo da Vinci
# 192.168.10.1 Karol Wojtyla
#
# Each line must be terminated with '\n'
#
#usertab none
# TAG: long_url yes|no
# If yes, the full url is showed in report.
# If no, only the site will be showed
#
# YES option generate very big sort files and reports.
#
#long_url no
# TAG: date_time_by bytes|elap
# Date/Time reports will use bytes or elapsed time?
#
#date_time_by bytes
# TAG: charset name
# ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
# graphic character sets for writing in alphabetic languages
# You can use the following charsets:
# Latin1 - West European
# Latin2 - East European
# Latin3 - South European
# Latin4 - North European
# Cyrillic
# Arabic
# Greek
# Hebrew
# Latin5 - Turkish
# Latin6
# Windows-1251
# Koi8-r
#
#charset Latin1
# TAG: user_invalid_char "&/"
# Records that contain invalid characters in userid will be ignored by Sarg.
#
#user_invalid_char "&/"
# TAG: privacy yes|no
# privacy_string "***.***.***.***"
# privacy_string_color blue
# In some countries the sysadm cannot see the visited sites by a restrictive law.
# Using privacy yes the visited url will be changes by privacy_string and the link
# will be removed from reports.
#
#privacy no
#privacy_string "***.***.***.***"
#privacy_string_color blue
# TAG: include_users "user1:user2:...:usern"
# Reports will be generated only for listed users.
#
#include_users none
# TAG: exclude_string "string1:string2:...:stringn"
# Records from access.log file that contain one of listed strings will be ignored.
#
#exclude_string none
# TAG: show_successful_message yes|no
# Show "Successful report generated on dir" at end of process.
#
# show_successful_message yes
# TAG: topuser_fields
# Which fields must be in Topuser report.
#
#topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
# TAG: topuser_num n
# How many users in topsites report. 0 = no limit
#
#topuser_num 0
|