|
SARG is a very useful tool
for us, which is primarily to observe the access statistics on the
site's URL Proxy Server. To report on the SARG configuration we can fit
the needs of our report, whether it is for daily, weekly or monthly.
Here are
step-by-step to install SARG on ubuntu :
The first download sarg in
http://sarg.sourceforge.net/sarg.php, but you can download it through
konsole :
|
root@server:~# aptitude update &&
aptitude install sarg
After SARG installed, do not forget to configure sarg.conf
with your preferred editor :
root@server:~# vim
/etc/squid/sarg.conf
Please change the configuration in accordance with Uncomment
the following :
# sarg.conf
language English
# TAG: access_log
file
access_log
/var/log/squid/access.log
# TAG: graphs yes|no
graphs yes
graph_days_bytes_bar_color
orange
# TAG: title
title "Squid User Access
Reports"
# TAG: font_face
font_face
Tahoma,Verdana,Arial
# TAG: header_color
header_color darkblue
# TAG:
header_bgcolor
header_bgcolor
blanchedalmond
# TAG: font_size
font_size 9px
# TAG:
background_color
background_color white
# TAG: text_color
text_color #000000
# TAG: text_bgcolor
text_bgcolor lavender
#
TAG: title_color
title_color green
# TAG: temporary_dir
temporary_dir /tmp
# TAG: output_dir
#output_dir /var/www/html/squid-reports
output_dir /var/www/squid-reports
# TAG: resolve_ip yes/no
resolve_ip
# TAG: user_ip yes/no
user_ip no
# TAG: topuser_sort_field field normal/reverse
topuser_sort_field BYTES reverse
# TAG: user_sort_field field normal/reverse
user_sort_field BYTES reverse
# TAG: exclude_users file
exclude_users /etc/squid/sarg.users
# TAG: exclude_hosts file
exclude_hosts /etc/squid/sarg.hosts
# TAG: date_format
date_format u
# TAG: lastlog n
lastlog 0
# TAG: remove_temp_files yes
remove_temp_files yes
# TAG: index yes|no|only
index yes
# TAG: index_tree date|file
index_tree file
# TAG: overwrite_report yes|no
overwrite_report yes
# TAG: records_without_userid ignore|ip|everybody
records_without_userid ip
# TAG: use_comma no|yes
use_comma yes
# TAG: mail_utility mail|mailx
mail_utility mailx
# TAG: topsites_num n
topsites_num 100
# TAG: topsites_sort_order CONNECT|BYTES A|D
topsites_sort_order CONNECT D
# TAG: index_sort_order A/D
index_sort_order D
# TAG: exclude_codes file
exclude_codes /etc/squid/sarg.exclude_codes
# TAG: max_elapsed milliseconds
max_elapsed 28800000
# TAG: report_type
type
#report_type topusers topsites sites_users users_sites date_time denied
auth_failures site_user_time_date downloads
report_type topusers topsites sites_users users_sites date_time denied
auth_failures site_user_time_date downloads
# TAG: usertab
filename
usertab
/etc/squid/sarg.usertab
# TAG: long_url yes|no
long_url no
# TAG: date_time_by
bytes|elap
date_time_by bytes
# TAG: charset name
charset Latin1
# TAG:
show_successful_message yes|no
show_successful_message yes
# TAG:
show_read_statistics yes|no
show_read_statistics yes
# TAG: topuser_fields
topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES
IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
# TAG: user_report_fields
user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC
%TIME TOTAL AVERAGE
# TAG: topuser_num n
topuser_num 0
# TAG: site_user_time_date_type list|table
site_user_time_date_type table
# TAG: external_css_file path
download_suffix
"zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
Ends
here and please save it by pressing: wq and hit enter.
To
run sarg manually please use the command :
root@server:~# sarg
So that the above command run automatically so that we execute
the syntax via cron. To be more attractive reportnya then we divide by
daily, weekly and monthly. The trick is as follows:
Daily Report:
root@server:~# vim /usr/sbin/sarg-report-daily
Contents :
#daily :
#======
#!/bin/bash
#Get current date
TODAY=$(date +%d/%m/%Y)
#Get one week ago today
YESTERDAY=$(date --date "1 day ago" +%d/%m/%Y)
sarg /var/log/squid/access.log -o /var/www/squid-reports/daily -z -d
$YESTERDAY-$TODAY
/usr/sbin/squid -k rotate
exit 0
Weekly Report:
root@server:~# vim /usr/sbin/sarg-report-weekly
Contents :
# Weekly :
#========
#!/bin/bash
#Get current date
TODAY=$(date +%d/%m/%Y)
#Get one week ago today
YESTERDAY=$(date --date "1 week ago" +%d/%m/%Y)
sarg /var/log/squid/access.log -o /var/www/squid-reports/weekly -z -d
$YESTERDAY-$TODAY
/usr/sbin/squid -k rotate
exit 0
Monthly Report :
root@server:~# vim /usr/sbin/sarg-report-monthly
Contents :
# Monthly :
#========
#!/bin/bash
#Get current date
TODAY=$(date +%d/%m/%Y)
#Get one week ago today
YESTERDAY=$(date --date "1 month ago" +%d/%m/%Y)
sarg /var/log/squid/access.log -o /var/www/squid-reports/monthly -z -d
$YESTERDAY-$TODAY
/usr/sbin/squid -k rotate
exit 0
The next step is to Change the permissions on the file report:
root@server:~# chmod 755 /usr/sbin/sarg-report-daily
root@server:~# chmod 755 /usr/sbin/sarg-report-weekly
root@server:~# chmod 755 /usr/sbin/sarg-report-monthly
Execution report manually :
root@server:~# /usr/sbin/sarg-report-daily
root@server:~# /usr/sbin/sarg-report-weekly
root@server:~# /usr/sbin/sarg-report-monthly
This command will produce reports in accordance with the
existing output on each syntax.
Report execution settings automatically via crontab:
root@server:~# crontab -e
Report in order to generate automatically by the system in the
crontab made the following settings :
00 00 * * * /usr/sbin/sarg-report-daily
00 01 * * 1 /usr/sbin/sarg-report-weekly
03 02 1 * * /usr/sbin/sarg-report-monthly
Then restart cron with command :
root@server:~#
/etc/init.d/cron restart
Finally finished already SARG installation on ubuntu and to
see the results please go to the
http://ip_address_server/squid-reports/daily to see the log daily
sarg, http://ip_address_server/squid-reports/weekly
to see the log weekly sarg and http://ip_address_server/squid-reports/monthly
to see the log monthly sarg.
|
![[Valid RSS]](image/valid-rss.png "Validate my RSS feed")