News : LinuxSolved.com Linux Help Community Forum..
Installing the SargThe SARG can be gotten in the following address: http://sarg.sourceforge.net/sarg.php. After downloaded, it unpacks using it the command:# tar -xzvf sarg-1.3-PRE2.tar.gzAfter that, in the directory where the program was unpacked, it types:# ./configure# make# make installBy standard, the SARG is installed in the directory /usr/local/sarg. In the past /etc/sarg/ is that we will find the configuration archive sarg.conf.Configuring the SargI go to cite the main parameters and the archive it is explainedDefining Languagelanguage PortugueseTitulo’s Reporttitle "Squid User Access Reports"Directory where it will be generated the reportsoutput_dir /home/squid/report/To generate reports based on behalf of user (it requires a Proxy configured with authentication of users).user_ip noThis option allows to specify the place generated for log theirs Squid# TAG: access_log file##access_log /usr/local/squid/logs/access.log#access_log /var/log/squid/logs/access.log # RedHat VersãoIn this option nothing it needs to be modified, therefore the type of access to the site is about the type of report in accordance with.# TAG: report_type type# report_type topsites users_sites sites_users date_time denied auth_failures site_user_time_dateThe following options exist:Topsites - Sites more visited by passed through connection and bytes. Sites_users - Sample which the users have access a specific site.Users_sites - Sample sites had access for a specific user. Date_time - Bytes utilizados/trafegados per day and hour. Denied - Sample access attempts the sites forbidden for the ACLs. Auth_failures - Sample authentication attempts (error in the typing of authentication password) imperfections of an user.After finished the configuration of the Sarg, is enough to generate the reports and below I go to show some examples of as to use.For example, I want to send email of the report for date:sarg -e email@example.com -d 01/01/2003-06/01/2003Another very cool example that would be for address URL, that in the case would below generate the report alone of the addresses described:sarg -s www.linuxit.com.br, www.myunix.orgConfiguring the date formatsarg -d [e=Europa -> dd/mm/aa], u=EUA -> mm/dd/aa]Report for user and IPsarg -i wrochal 10.100.0.101Report for hoursarg -t [HH, HH:MM, HH:MM:SS]Report for Usersarg -u wrochalNow you are enough to create the report of the skill that you desire and much good luck.Report with exclusion of sites, strings and usersMuch people ask as to generate report excluding such site, users and strings. Knows as to use this resource:exclude.hosts - Here each line will have one domain/URL that it will not be shown in the report. Useful you to place, for examples, addresses of download of the Intranet that pass for the Squid, but do not spend band of Internet none.It places in the archive sarg.conf: exclude_hosts /etc/sarg/exclude.hostsexclude.strings - if some line of the archive of log to contain one of strings of this archive (each string for line), this line of log will be ignored of the report. With this you can filter any thing of the report.It places in the archive sarg.conf: exclude_string /etc/sarg/exclude.stringsexclude.users - the users who will be in this archive (separate for line) will not be enclosed in the report.It places in the archive sarg.conf: exclude_users /etc/sarg/exclude.users