]>
Commit | Line | Data |
---|---|---|
25697a35 GS |
1 | # sarg.conf |
2 | # | |
25697a35 GS |
3 | # TAG: access_log file |
4 | # Where is the access.log file | |
f74970b1 FM |
5 | # |
6 | # This option can be repeated up to 256 times to list rotated files or | |
7 | # files from different sources. | |
8 | # | |
9 | # The files named here must exists or sarg aborts. It is intended as a | |
10 | # safety against incomplete reporting due to problems occuring with the | |
11 | # logs. | |
12 | # | |
13 | # If some files are passed on the command line with "sarg -l file" or | |
14 | # "sarg file", the files listed here are ignored. | |
25697a35 GS |
15 | # |
16 | #access_log /usr/local/squid/var/logs/access.log | |
17 | ||
18 | # TAG: graphs yes|no | |
19 | # Use graphics where is possible. | |
20 | # graph_days_bytes_bar_color blue|green|yellow|orange|brown|red | |
21 | # | |
22 | #graphs yes | |
23 | #graph_days_bytes_bar_color orange | |
24 | ||
3becf85c FM |
25 | # TAG: graph_font |
26 | # The full path to the TTF font file to use to create the graphs. It is required | |
27 | # if graphs is set to yes. | |
28 | # | |
29 | #graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf | |
30 | ||
25697a35 GS |
31 | # TAG: title |
32 | # Especify the title for html page. | |
33 | # | |
34 | #title "Squid User Access Reports" | |
35 | ||
36 | # TAG: font_face | |
37 | # Especify the font for html page. | |
38 | # | |
39 | #font_face Tahoma,Verdana,Arial | |
40 | ||
41 | # TAG: header_color | |
42 | # Especify the header color | |
43 | # | |
44 | #header_color darkblue | |
45 | ||
46 | # TAG: header_bgcolor | |
47 | # Especify the header bgcolor | |
48 | # | |
49 | #header_bgcolor blanchedalmond | |
50 | ||
51 | # TAG: font_size | |
52 | # Especify the text font size | |
53 | # | |
54 | #font_size 9px | |
55 | ||
56 | # TAG: header_font_size | |
57 | # Especify the header font size | |
58 | # | |
59 | #header_font_size 9px | |
60 | ||
61 | # TAG: title_font_size | |
62 | # Especify the title font size | |
63 | # | |
64 | #title_font_size 11px | |
65 | ||
66 | # TAG: background_color | |
67 | # TAG: background_color | |
68 | # Html page background color | |
69 | # | |
70 | # background_color white | |
71 | ||
72 | # TAG: text_color | |
73 | # Html page text color | |
74 | # | |
75 | #text_color #000000 | |
76 | ||
77 | # TAG: text_bgcolor | |
78 | # Html page text background color | |
79 | # | |
80 | #text_bgcolor lavender | |
81 | ||
82 | # TAG: title_color | |
83 | # Html page title color | |
84 | # | |
85 | #title_color green | |
86 | ||
87 | # TAG: logo_image | |
88 | # Html page logo. | |
89 | # | |
90 | #logo_image none | |
91 | ||
92 | # TAG: logo_text | |
93 | # Html page logo text. | |
94 | # | |
95 | #logo_text "" | |
96 | ||
97 | # TAG: logo_text_color | |
98 | # Html page logo texti color. | |
99 | # | |
100 | #logo_text_color #000000 | |
101 | ||
102 | # TAG: logo_image_size | |
129e6ea5 | 103 | # Html page logo image size. |
25697a35 GS |
104 | # width height |
105 | # | |
106 | #image_size 80 45 | |
107 | ||
108 | # TAG: background_image | |
109 | # Html page background image | |
110 | # | |
111 | #background_image none | |
112 | ||
113 | # TAG: password | |
491b862f GS |
114 | # User password file used by Squid authentication scheme |
115 | # If used, generate reports just for that users. | |
25697a35 GS |
116 | # |
117 | #password none | |
118 | ||
119 | # TAG: temporary_dir | |
120 | # Temporary directory name for work files | |
121 | # sarg -w dir | |
122 | # | |
123 | #temporary_dir /tmp | |
124 | ||
125 | # TAG: output_dir | |
126 | # The reports will be saved in that directory | |
127 | # sarg -o dir | |
128 | # | |
129 | #output_dir /var/www/html/squid-reports | |
130 | ||
829a53c2 FM |
131 | # TAG: anonymous_output_files yes/no |
132 | # Use anonymous file and directory names in the report. If it is set to | |
133 | # no (the default), the user id/ip/name is slightly mangled to create a | |
134 | # suitable file name to store the report of the user but the user's | |
135 | # identity can easily be guessed from the mangled name. If this option is | |
136 | # set, any file or directory belonging to the user is replaced by a short | |
137 | # number. The purpose is to hide the identity of the user when looking | |
138 | # at the report file names but it may serve to shorten the path too. | |
139 | # | |
140 | #anonymous_output_files no | |
141 | ||
25697a35 GS |
142 | # TAG: output_email |
143 | # Email address to send the reports. If you use this tag, no html reports will be generated. | |
144 | # sarg -e email | |
145 | # | |
146 | #output_email none | |
147 | ||
51b166d4 FM |
148 | # TAG: resolve_ip modulelist |
149 | # List the modules to use to convert IP addresses into names. | |
150 | # Each named module is tried in sequence until one returns a result. Therefore | |
151 | # the order of the modules is relevant. | |
152 | # The modules must be listed on one line each separated from the previous one with | |
153 | # a space. | |
154 | # | |
155 | # The possible modules are | |
156 | # dns Use the DNS. | |
1e312c82 | 157 | # exec Call an external program with the IP address as argument. |
51b166d4 FM |
158 | # |
159 | # For compatibility with previous versions, yes is a synonymous for dns and | |
160 | # no does nothing. | |
161 | # sarg -n forces the use of the dns module. | |
25697a35 GS |
162 | #resolve_ip no |
163 | ||
1e312c82 FM |
164 | # TAG: resolve_ip_exec command |
165 | # If resolve_ip selects the exec module, this is the command to run to | |
166 | # resolve an IP address. The command must contain a placeholder where the | |
167 | # IP address is inserted. The placeholder must be %IP in uppercases. The | |
168 | # placeholder may be repeated multiple times if necessary. | |
169 | # | |
170 | # The command is expected to return the host name without frills on its | |
171 | # standard output. If the command returns nothing, it is assumed that the | |
172 | # command could not resolve the IP address and the next module in the | |
173 | # chain is given a try with the same address. | |
174 | # | |
175 | # This option can only be used once. Therefore there is only one command | |
176 | # available to resolve an IP address but the program can do anything it | |
177 | # deems fit including attempting several strategies. | |
178 | # | |
179 | # Beware that running an external program is exceedingly slow. So you | |
180 | # should try the DNS first and only call an external program if the DNS | |
181 | # fails. | |
182 | #resolve_ip_exec nmblookup -A %IP | sed -n -e 's/^ *\(.*\) *<00> - *B.*/\1/p' | |
183 | ||
25697a35 GS |
184 | # TAG: user_ip yes/no |
185 | # Use Ip Address instead userid in reports. | |
186 | # sarg -p | |
187 | #user_ip no | |
188 | ||
189 | # TAG: topuser_sort_field field normal/reverse | |
190 | # Sort field for the Topuser Report. | |
191 | # Allowed fields: USER CONNECT BYTES TIME | |
192 | # | |
193 | #topuser_sort_field BYTES reverse | |
194 | ||
195 | # TAG: user_sort_field field normal/reverse | |
196 | # Sort field for the User Report. | |
197 | # Allowed fields: SITE CONNECT BYTES TIME | |
198 | # | |
199 | #user_sort_field BYTES reverse | |
200 | ||
201 | # TAG: exclude_users file | |
202 | # users within the file will be excluded from reports. | |
203 | # you can use indexonly to have only index.html file. | |
204 | # | |
205 | #exclude_users none | |
206 | ||
207 | # TAG: exclude_hosts file | |
208 | # Hosts, domains or subnets will be excluded from reports. | |
209 | # | |
43f18f45 FM |
210 | # Eg.: 192.168.10.10 - exclude ip address only |
211 | # 192.168.10.0/24 - exclude full C class | |
212 | # s1.acme.foo - exclude hostname only | |
213 | # *.acme.foo - exclude full domain name | |
25697a35 GS |
214 | # |
215 | #exclude_hosts none | |
216 | ||
217 | # TAG: useragent_log file | |
491b862f | 218 | # useragent.log file patch to generate useragent report. |
25697a35 GS |
219 | # |
220 | #useragent_log none | |
221 | ||
222 | # TAG: date_format | |
223 | # Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww) | |
129e6ea5 | 224 | # |
25697a35 GS |
225 | #date_format u |
226 | ||
227 | # TAG: per_user_limit file MB | |
228 | # Saves userid on file if download exceed n MB. | |
229 | # This option allow you to disable user access if user exceed a download limit. | |
129e6ea5 | 230 | # |
25697a35 GS |
231 | #per_user_limit none |
232 | ||
233 | # TAG: lastlog n | |
234 | # How many reports files must be keept in reports directory. | |
235 | # The oldest report file will be automatically removed. | |
236 | # 0 - no limit. | |
237 | # | |
238 | #lastlog 0 | |
239 | ||
240 | # TAG: remove_temp_files yes | |
241 | # Remove temporary files: geral, usuarios, top, periodo from root report directory. | |
242 | # | |
243 | #remove_temp_files yes | |
244 | ||
245 | # TAG: index yes|no|only | |
246 | # Generate the main index.html. | |
247 | # only - generate only the main index.html | |
248 | # | |
249 | #index yes | |
250 | ||
491b862f GS |
251 | # TAG: index_tree date|file |
252 | # How to generate the index. | |
253 | # | |
254 | #index_tree file | |
255 | ||
9aaa3361 FM |
256 | # TAG: index_fields |
257 | # The columns to show in the index of the reports | |
258 | # Columns are: dirsize | |
259 | # | |
260 | #index_fields dirsize | |
261 | ||
25697a35 GS |
262 | # TAG: overwrite_report yes|no |
263 | # yes - if report date already exist then will be overwrited. | |
264 | # no - if report date already exist then will be renamed to filename.n, filename.n+1 | |
265 | # | |
266 | #overwrite_report no | |
267 | ||
268 | # TAG: records_without_userid ignore|ip|everybody | |
269 | # What can I do with records without user id (no authentication) in access.log file ? | |
270 | # | |
271 | # ignore - This record will be ignored. | |
272 | # ip - Use ip address instead. (default) | |
273 | # everybody - Use "everybody" instead. | |
274 | # | |
275 | #records_without_userid ip | |
276 | ||
277 | # TAG: use_comma no|yes | |
278 | # Use comma instead point in reports. | |
279 | # Eg.: use_comma yes => 23,450,110 | |
280 | # use_comma no => 23.450.110 | |
281 | # | |
282 | #use_comma no | |
283 | ||
66d35350 FM |
284 | # TAG: mail_utility |
285 | # Mail command to use to send reports via SMTP. Sarg calls it like this: | |
286 | # mail_utility -s "SARG report, date" "output_email" <"mail_content" | |
287 | # | |
288 | # Therefore, it is possible to add more arguments to the command by specifying them | |
289 | # here. | |
290 | # | |
291 | # If you need too, you can use a shell script to process the content of /dev/stdin | |
292 | # (/dev/stdin is the mail_content passed by sarg to the script) and call whatever | |
293 | # command you like. It is not limited to mailing the report via SMTP. | |
294 | # | |
295 | # Don't forget to quote the command if necessary (i.e. if the path contains | |
296 | # characters that must be quoted). | |
25697a35 GS |
297 | # |
298 | #mail_utility mailx | |
299 | ||
300 | # TAG: topsites_num n | |
301 | # How many sites in topsites report. | |
302 | # | |
303 | #topsites_num 100 | |
304 | ||
7d82ea1a | 305 | # TAG: topsites_sort_order CONNECT|BYTES|TIME|USER A|D |
25697a35 GS |
306 | # Sort for topsites report, where A=Ascendent, D=Descendent |
307 | # | |
308 | #topsites_sort_order CONNECT D | |
309 | ||
310 | # TAG: index_sort_order A/D | |
311 | # Sort for index.html, where A=Ascendent, D=Descendent | |
312 | # | |
313 | #index_sort_order D | |
314 | ||
315 | # TAG: exclude_codes file | |
316 | # Ignore records with these codes. Eg.: NONE/400 | |
6cdbb02f FM |
317 | # Write one code per line. Lines starting with a # are ignored. |
318 | # Only codes matching exactly one of the line is rejected. The | |
319 | # comparison is not case sensitive. | |
25697a35 GS |
320 | # |
321 | #exclude_codes /usr/local/sarg/exclude_codes | |
322 | ||
323 | # TAG: replace_index string | |
324 | # Replace "index.html" in the main index file with this string | |
129e6ea5 | 325 | # If null "index.html" is used |
25697a35 GS |
326 | # |
327 | #replace_index <?php echo str_replace(".", "_", $REMOTE_ADDR); echo ".html"; ?> | |
328 | ||
329 | # TAG: max_elapsed milliseconds | |
330 | # If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time. | |
129e6ea5 | 331 | # Use 0 for no checking |
25697a35 | 332 | # |
d6e703cc | 333 | #max_elapsed 28800000 |
25697a35 | 334 | # 8 Hours |
25697a35 GS |
335 | |
336 | # TAG: report_type type | |
337 | # What kind of reports to generate. | |
491b862f GS |
338 | # topusers - users, sites, times, bytes, connects, links to accessed sites, etc |
339 | # topsites - site, connect and bytes report | |
340 | # sites_users - users and sites report | |
341 | # users_sites - accessed sites by the user report | |
342 | # date_time - bytes used per day and hour report | |
343 | # denied - denied sites with full URL report | |
344 | # auth_failures - autentication failures report | |
345 | # site_user_time_date - sites, dates, times and bytes report | |
346 | # downloads - downloads per user report | |
25697a35 | 347 | # |
129e6ea5 | 348 | # Eg.: report_type topsites denied |
25697a35 | 349 | # |
491b862f | 350 | #report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads |
25697a35 GS |
351 | |
352 | # TAG: usertab filename | |
353 | # You can change the "userid" or the "ip address" to be a real user name on the reports. | |
d8a1e9f3 FM |
354 | # If resolve_ip is active, the ip address is resolved before being looked up into this |
355 | # file. That is, if you want to map the ip address, be sure to set resolv_ip to no or | |
356 | # the resolved name will be looked into the file instead of the ip address. Note that | |
357 | # it can be used to resolve any ip address known to the dns and then map the unresolved | |
358 | # ip addresses to a name found in the usertab file. | |
25697a35 GS |
359 | # Table syntax: |
360 | # userid name or ip address name | |
361 | # Eg: | |
362 | # SirIsaac Isaac Newton | |
363 | # vinci Leonardo da Vinci | |
364 | # 192.168.10.1 Karol Wojtyla | |
d8a1e9f3 | 365 | # |
25697a35 | 366 | # Each line must be terminated with '\n' |
e3af0ae9 PO |
367 | # If usertab have value "ldap" (case ignoring), user names |
368 | # will be taken from LDAP server. This method as approaches for reception | |
369 | # of usernames from Active Didectory | |
d8a1e9f3 | 370 | # |
25697a35 | 371 | #usertab none |
d8a1e9f3 | 372 | |
e3af0ae9 PO |
373 | # TAG: LDAPHost hostname |
374 | # FQDN or IP address of host with LDAP service or AD DC | |
375 | # default is '127.0.0.1' | |
376 | #LDAPHost 127.0.0.1 | |
377 | ||
378 | # TAG: LDAPPort port | |
379 | # LDAP service port number | |
380 | # default is '389' | |
381 | #LDAPPort 389 | |
382 | ||
383 | # TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com | |
384 | # DN of LDAP user, who is authorized to read user's names from LDAP base | |
385 | # default is empty line | |
386 | #LDAPBindDN cn=proxy,dc=mydomain,dc=local | |
387 | ||
388 | # TAG: LDAPBindPW secret | |
389 | # Password of DN, who is authorized to read user's names from LDAP base | |
390 | # default is empty line | |
391 | #LDAPBindPW secret | |
392 | ||
393 | # TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com | |
394 | # LDAP search base | |
395 | # default is empty line | |
396 | #LDAPBaseSearch ou=users,dc=mydomain,dc=local | |
397 | ||
1b048c43 | 398 | # TAG: LDAPFilterSearch (uid=%s) |
e3af0ae9 PO |
399 | # User search filter by user's logins in LDAP |
400 | # First founded record will be used | |
401 | # %s - will be changed to userlogins from access.log file | |
1b048c43 FM |
402 | # filter string can have up to 5 '%s' tags |
403 | # default value is '(uid=%s)' | |
404 | #LDAPFilterSearch (uid=%s) | |
e3af0ae9 PO |
405 | |
406 | # TAG: LDAPTargetAttr attributename | |
407 | # Name of the attribute containing a name of the user | |
408 | # default value is 'cn' | |
409 | #LDAPTargetAttr cn | |
25697a35 | 410 | |
fd75cd90 FM |
411 | # TAG: LDAPNativeCharset charset-iconv-style |
412 | # Character set to convert the LDAP string to. | |
413 | # For the list of some available charsets use: "iconv -l". | |
414 | # This option requires libiconv and sarg must have been built with --with-iconv. | |
415 | # default is empty line (UTF-8) | |
416 | #LDAPNativeCharset ISO-8859-1 | |
417 | ||
25697a35 GS |
418 | # TAG: long_url yes|no |
419 | # If yes, the full url is showed in report. | |
420 | # If no, only the site will be showed | |
421 | # | |
422 | # YES option generate very big sort files and reports. | |
423 | # | |
424 | #long_url no | |
425 | ||
426 | # TAG: date_time_by bytes|elap | |
84c9679c | 427 | # Date/Time reports show the downloaded volume or the elapsed time or both. |
25697a35 | 428 | # |
1752e8f8 | 429 | #date_time_by bytes |
25697a35 GS |
430 | |
431 | # TAG: charset name | |
432 | # ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit) | |
433 | # graphic character sets for writing in alphabetic languages | |
434 | # You can use the following charsets: | |
435 | # Latin1 - West European | |
129e6ea5 FM |
436 | # Latin2 - East European |
437 | # Latin3 - South European | |
438 | # Latin4 - North European | |
439 | # Cyrillic | |
440 | # Arabic | |
441 | # Greek | |
442 | # Hebrew | |
443 | # Latin5 - Turkish | |
25697a35 GS |
444 | # Latin6 |
445 | # Windows-1251 | |
d6e703cc | 446 | # Japan |
25697a35 | 447 | # Koi8-r |
d6e703cc | 448 | # UTF-8 |
25697a35 GS |
449 | # |
450 | #charset Latin1 | |
451 | ||
452 | # TAG: user_invalid_char "&/" | |
453 | # Records that contain invalid characters in userid will be ignored by Sarg. | |
454 | # | |
455 | #user_invalid_char "&/" | |
456 | ||
457 | # TAG: privacy yes|no | |
458 | # privacy_string "***.***.***.***" | |
459 | # privacy_string_color blue | |
460 | # In some countries the sysadm cannot see the visited sites by a restrictive law. | |
461 | # Using privacy yes the visited url will be changes by privacy_string and the link | |
462 | # will be removed from reports. | |
463 | # | |
464 | #privacy no | |
465 | #privacy_string "***.***.***.***" | |
466 | #privacy_string_color blue | |
467 | ||
468 | # TAG: include_users "user1:user2:...:usern" | |
469 | # Reports will be generated only for listed users. | |
470 | # | |
471 | #include_users none | |
472 | ||
473 | # TAG: exclude_string "string1:string2:...:stringn" | |
474 | # Records from access.log file that contain one of listed strings will be ignored. | |
475 | # | |
476 | #exclude_string none | |
477 | ||
478 | # TAG: show_successful_message yes|no | |
479 | # Shows "Successful report generated on dir" at end of process. | |
480 | # | |
481 | #show_successful_message yes | |
482 | ||
483 | # TAG: show_read_statistics yes|no | |
2f4787e6 | 484 | # Shows how many lines have been read from the current input log file. |
25697a35 | 485 | # |
2f4787e6 FM |
486 | #show_read_statistics no |
487 | ||
488 | # TAG: show_read_percent yes|no | |
489 | # Shows how many percents have been read from the current input log file. | |
490 | # | |
491 | # Beware that this feature requires to read the input log file once to | |
492 | # count the number of lines and then a second time to actually parse it. | |
493 | # You can save some time by disabling it. | |
494 | # | |
495 | #show_read_percent no | |
25697a35 GS |
496 | |
497 | # TAG: topuser_fields | |
498 | # Which fields must be in Topuser report. | |
499 | # | |
500 | #topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE | |
501 | ||
502 | # TAG: user_report_fields | |
503 | # Which fields must be in User report. | |
504 | # | |
505 | #user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE | |
506 | ||
d6e703cc FM |
507 | # TAG: bytes_in_sites_users_report yes|no |
508 | # Bytes field must be in Site & Users Report ? | |
509 | # | |
510 | #bytes_in_sites_users_report no | |
511 | ||
25697a35 GS |
512 | # TAG: topuser_num n |
513 | # How many users in topsites report. 0 = no limit | |
514 | # | |
515 | #topuser_num 0 | |
516 | ||
25697a35 GS |
517 | # TAG: datafile file |
518 | # Save the report results in a file to populate some database | |
519 | # | |
520 | #datafile none | |
25697a35 GS |
521 | |
522 | # TAG: datafile_delimiter ";" | |
523 | # ascii character to use as a field separator in datafile | |
524 | # | |
525 | #datafile_delimiter ";" | |
526 | ||
527 | # TAG: datafile_fields all | |
528 | # Which data fields must be in datafile | |
529 | # user;date;time;url;connect;bytes;in_cache;out_cache;elapsed | |
530 | # | |
531 | #datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed | |
532 | ||
491b862f GS |
533 | # TAG: datafile_url ip|name |
534 | # Saves the URL as ip or name in datafile | |
535 | # | |
f84a35a3 | 536 | #datafile_url ip |
491b862f | 537 | |
25697a35 | 538 | # TAG: weekdays |
3bd75b91 | 539 | # The weekdays to take into account ( Sunday->0, Saturday->6 ) |
25697a35 GS |
540 | # Example: |
541 | #weekdays 1-3,5 | |
542 | # Default: | |
543 | #weekdays 0-6 | |
544 | ||
545 | # TAG: hours | |
3bd75b91 | 546 | # The hours to take into account |
25697a35 GS |
547 | # Example: |
548 | #hours 7-12,14,16,18-20 | |
549 | # Default: | |
550 | #hours 0-23 | |
551 | ||
552 | # TAG: dansguardian_conf file | |
553 | # DansGuardian.conf file path | |
554 | # Generate reports from DansGuardian logs. | |
555 | # Use 'none' to disable it. | |
556 | # dansguardian_conf /usr/dansguardian/dansguardian.conf | |
557 | # | |
558 | #dansguardian_conf none | |
559 | ||
64dfb824 FM |
560 | # TAG: dansguardian_filter_out_date on|off |
561 | # This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action. | |
562 | # Note the change of parameter value compared with the old option. | |
563 | # 'off' use the record even if its date is outside of the range found in the input log file. | |
564 | # 'on' use the record only if its date is in the range found in the input log file. | |
491b862f | 565 | # |
64dfb824 | 566 | #dansguardian_filter_out_date on |
491b862f | 567 | |
25697a35 GS |
568 | # TAG: squidguard_conf file |
569 | # path to squidGuard.conf file | |
570 | # Generate reports from SquidGuard logs. | |
571 | # Use 'none' to disable. | |
491b862f | 572 | # You can use sarg -L filename to use an alternate squidGuard log. |
25697a35 GS |
573 | # squidguard_conf /usr/local/squidGuard/squidGuard.conf |
574 | # | |
575 | #squidguard_conf none | |
576 | ||
1f482a8d FM |
577 | # TAG: redirector_log file |
578 | # the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option | |
579 | # may be repeated up to 64 times to read multiple files. | |
580 | # If this option is specified, it takes precedence over squidguard_conf. | |
581 | # The command line option -L override this option. | |
582 | # | |
583 | #redirector_log /usr/local/squidGuard/var/logs/urls.log | |
584 | ||
64dfb824 FM |
585 | # TAG: redirector_filter_out_date on|off |
586 | # This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not | |
587 | # appropriate with respect to their action. | |
588 | # Note the change of parameter value compared with the old options. | |
589 | # 'off' use the record even if its date is outside of the range found in the input log file. | |
590 | # 'on' use the record only if its date is in the range found in the input log file. | |
491b862f | 591 | # |
64dfb824 | 592 | #redirector_filter_out_date on |
491b862f | 593 | |
1f482a8d FM |
594 | # TAG: redirector_log_format |
595 | # Format string for web proxy redirector logs. | |
596 | # This option was named squidguard_log_format before sarg 2.3. | |
25697a35 | 597 | # REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end# |
d19124ac FM |
598 | # SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end# |
599 | #redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end# | |
25697a35 GS |
600 | |
601 | # TAG: show_sarg_info yes|no | |
602 | # shows sarg information and site path on each report bottom | |
603 | # | |
604 | #show_sarg_info yes | |
605 | ||
606 | # TAG: show_sarg_logo yes|no | |
607 | # shows sarg logo | |
608 | # | |
609 | #show_sarg_logo yes | |
610 | ||
611 | # TAG: parsed_output_log directory | |
612 | # Saves the processed log in a sarg format after parsing the squid log file. | |
129e6ea5 | 613 | # This is a way to dump all of the data structures out, after parsing from |
25697a35 GS |
614 | # the logs (presumably this data will be much smaller than the log files themselves), |
615 | # and pull them back in for later processing and merging with data from previous logs. | |
616 | # | |
617 | #parsed_output_log none | |
618 | ||
491b862f | 619 | # TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress |
ff8d5836 FM |
620 | # Command to run to compress sarg parsed output log. It may contain |
621 | # options (such as -f to overwrite existing target file). The name of | |
622 | # the file to compresse is provided at the end of this | |
623 | # command line. Don't forget to quote things appropriately. | |
25697a35 GS |
624 | # |
625 | #parsed_output_log_compress /bin/gzip | |
626 | ||
491b862f | 627 | # TAG: displayed_values bytes|abbreviation |
25697a35 GS |
628 | # how the values will be displayed in reports. |
629 | # eg. bytes - 209.526 | |
630 | # abbreviation - 210K | |
631 | # | |
632 | #displayed_values bytes | |
633 | ||
634 | # Report limits | |
491b862f GS |
635 | # TAG: authfail_report_limit n |
636 | # TAG: denied_report_limit n | |
637 | # TAG: siteusers_report_limit n | |
638 | # TAG: squidguard_report_limit n | |
639 | # TAG: user_report_limit n | |
640 | # TAG: dansguardian_report_limit n | |
641 | # TAG: download_report_limit n | |
25697a35 GS |
642 | # report limits (lines). |
643 | # '0' no limit | |
644 | # | |
645 | #authfail_report_limit 10 | |
646 | #denied_report_limit 10 | |
647 | #siteusers_report_limit 0 | |
648 | #squidguard_report_limit 10 | |
94ff9470 GS |
649 | #dansguardian_report_limit 10 |
650 | #user_report_limit 10 | |
651 | #user_report_limit 50 | |
25697a35 | 652 | |
491b862f | 653 | # TAG: www_document_root dir |
25697a35 GS |
654 | # Where is your Web DocumentRoot |
655 | # Sarg will create sarg-php directory with some PHP modules: | |
656 | # - sarg-squidguard-block.php - add urls from user reports to squidGuard DB | |
657 | # | |
658 | #www_document_root /var/www/html | |
659 | ||
491b862f | 660 | # TAG: block_it module_url |
25697a35 GS |
661 | # This tag allow you to pass urls from user reports to a cgi or php module, |
662 | # to be blocked by some Squid acl | |
663 | # | |
664 | # Eg.: block_it /sarg-php/sarg-block-it.php | |
665 | # sarg-block-it is a php that will append a url to a flat file. | |
666 | # You must change /var/www/html/sarg-php/sarg-block-it to point to your file | |
667 | # in $filename variable, and chown to a httpd owner. | |
668 | # | |
669 | # sarg will pass http://module_url?url=url | |
670 | # | |
671 | #block_it none | |
672 | ||
491b862f | 673 | # TAG: external_css_file path |
d183fb7f FM |
674 | # Provide the path to an external css file to link into the HTML reports instead of |
675 | # the inline css written by sarg when this option is not set. | |
33dc7dec FM |
676 | # |
677 | # In versions prior to 2.3, this used to be an absolute file name to | |
d183fb7f FM |
678 | # a file to include verbatim in each HTML page but, as it takes a lot of |
679 | # space, version 2.3 switched to a link to an external css file. | |
680 | # Therefore, this option must contain the HTTP server path on which a client | |
681 | # browser may find the css file. | |
33dc7dec | 682 | # |
25697a35 | 683 | # Sarg use theses style classes: |
3a422572 | 684 | # .logo logo class |
25697a35 | 685 | # .info sarg information class, align=center |
3a422572 FM |
686 | # .title_c title class, align=center |
687 | # .header_c header class, align:center | |
688 | # .header_l header class, align:left | |
689 | # .header_r header class, align:right | |
690 | # .text text class, align:right | |
25697a35 | 691 | # .data table text class, align:right |
3a422572 FM |
692 | # .data2 table text class, align:left |
693 | # .data3 table text class, align:center | |
25697a35 GS |
694 | # .link link class |
695 | # | |
d183fb7f FM |
696 | # Sarg can be instructed to output the internal css it inline |
697 | # into the reports with this command: | |
698 | # | |
699 | # sarg --css | |
700 | # | |
701 | # You can redirect the output to a file of your choice and edit | |
702 | # it to your liking. | |
25697a35 GS |
703 | # |
704 | #external_css_file none | |
705 | ||
491b862f | 706 | # TAG: user_authentication yes|no |
25697a35 | 707 | # Allow user authentication in User Reports using .htaccess |
129e6ea5 | 708 | # Parameters: |
d5d021c5 FM |
709 | # AuthUserTemplateFile - The template to use to create the |
710 | # .htaccess file. In the template, %u is replaced by the | |
711 | # user's ID for which the report is generated. The path of the | |
712 | # template is relative to the directory containing sarg | |
713 | # configuration file. | |
25697a35 GS |
714 | # |
715 | # user_authentication no | |
d5d021c5 | 716 | # AuthUserTemplateFile sarg_htaccess |
25697a35 | 717 | |
491b862f | 718 | # TAG: download_suffix "suffix,suffix,...,suffix" |
25697a35 | 719 | # file suffix to be considered as "download" in Download report. |
129e6ea5 | 720 | # Use 'none' to disable. |
25697a35 | 721 | # |
94ff9470 | 722 | #download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg" |
25697a35 | 723 | |
491b862f | 724 | # TAG: ulimit n |
25697a35 GS |
725 | # The maximum number of open file descriptors to avoid "Too many open files" error message. |
726 | # You need to run sarg as root to use ulimit tag. | |
d6e703cc | 727 | # If you run sarg with a low privilege user, set to 'none' to disable ulimit |
25697a35 GS |
728 | # |
729 | #ulimit 20000 | |
730 | ||
d3d1bf9c | 731 | # TAG: ntlm_user_format user|domainname+username |
491b862f | 732 | # NTLM users format. |
25697a35 GS |
733 | # |
734 | #ntlm_user_format domainname+username | |
491b862f GS |
735 | |
736 | # TAG: realtime_refresh_time num sec | |
737 | # How many time to auto refresh the realtime report | |
738 | # 0 = disable | |
739 | # | |
740 | # realtime_refresh_time 3 | |
741 | ||
742 | # TAG: realtime_access_log_lines num | |
129e6ea5 | 743 | # How many last lines to get from access.log file |
491b862f GS |
744 | # |
745 | # realtime_access_log_lines 1000 | |
746 | ||
747 | # TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST | |
748 | # Which records must be in realtime report. | |
749 | # | |
129e6ea5 | 750 | # realtime_types GET,PUT,CONNECT |
491b862f GS |
751 | |
752 | # TAG: realtime_unauthenticated_records: ignore|show | |
753 | # What to do with unauthenticated records in realtime report. | |
754 | # | |
d6e703cc | 755 | # realtime_unauthenticated_records: show |
491b862f GS |
756 | |
757 | # TAG: byte_cost value no_cost_limit | |
758 | # Cost per byte. | |
759 | # Eg. byte_cost 0.01 100000000 | |
760 | # per byte cost = 0.01 | |
761 | # bytes with no cost = 100 Mb | |
762 | # 0 = disable | |
763 | # | |
764 | # byte_cost 0.01 50000000 | |
d6e703cc FM |
765 | |
766 | # TAG: squid24 on|off | |
767 | # Compatilibity with squid version <= 2.4 when using emulate_http_log on | |
768 | # | |
769 | # squid24 off | |
ea275279 FM |
770 | |
771 | # TAG: sorttable path | |
418cd63d FM |
772 | # The path to a javascript script to dynamically sort the tables. |
773 | # The path is the link a browser must follow to find the script. For instance, | |
774 | # it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script | |
775 | # is at the root of your web site. | |
2e96438d FM |
776 | # |
777 | # If the path starts with "../" then it is assumed to be a relative | |
778 | # path and sarg adds as many "../" as necessary to locate the js script from | |
418cd63d | 779 | # the output directory. Therefore, ../../sorttable.js links to the javascript |
2e96438d FM |
780 | # one level above output_dir. |
781 | # | |
ea275279 FM |
782 | # If this entry is set, each sortable table will have the "sortable" class set. |
783 | # You may have a look at http://www.kryogenix.org/code/browser/sorttable/ | |
2e96438d | 784 | # for the implementation on which sarg is based. |
ea275279 FM |
785 | # |
786 | # sorttable /sorttable.js | |
22715352 FM |
787 | |
788 | # TAG: hostalias | |
789 | # The name of a text file containing the host names one per line and the | |
790 | # optional alias to use in the report instead of that host name. | |
791 | # Host names may contain up to one wildcard denoted by a *. The wildcard | |
792 | # must not end the host name. | |
793 | # The host name may be followed by an optional alias but if no alias is | |
794 | # provided, the host name, including the wildcard, replaces any matching | |
795 | # host name found in the log. | |
796 | # Host names replaced by identical aliases are grouped together in the | |
797 | # reports. | |
d0e9cc2c FM |
798 | # IP addresses are supported and accept the CIDR notation both for IPv4 and |
799 | # IPv6 addresses. | |
6e24f222 FM |
800 | # Regular expressions can also be used if sarg was compiled with libpcre. |
801 | # A regular expression is formated as re:/regexp/ alias | |
a16cb22a FM |
802 | # The regexp is a perl regular expression (see man perlre). |
803 | # Subpatterns are allowed in the alias. Sarg recognizes sed (\1) or perl ($1) | |
804 | # subpatterns. Only 9 subpatterns are allowed in the replacement string. | |
22715352 FM |
805 | # |
806 | # Example: | |
807 | # *.gstatic.com | |
808 | # mt*.google.com | |
809 | # *.myphone.microsoft.com | |
810 | # *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure | |
811 | # *.freeav.net antivirus:freeav | |
812 | # *.mail.live.com | |
d0e9cc2c | 813 | # 65.52.00.00/14 *.mail.live.com |
6e24f222 | 814 | # re:/\.dropbox\.com(:443)?/ dropbox |
a16cb22a | 815 | # re:/([\w-]+)\.(\w*[a-zA-Z]\w*)(?::\d+)?$/\1.\2 |
22715352 | 816 | #hostalias /usr/local/sarg/hostalias |
11767c6a | 817 | |
c4f0ea8f FM |
818 | # TAG: useralias |
819 | # The name of a text file containing the user names one per line and the | |
820 | # optional alias to use in the report instead of that user name. | |
821 | # User names may contain wildcards denoted by a *. | |
822 | # The user name may be followed by an optional alias but if no alias is | |
823 | # provided, the user name, including the wildcard, replaces any matching | |
824 | # user name found in the log. | |
825 | # User names replaced by identical aliases are grouped together in the | |
826 | # reports. | |
827 | # IP addresses are supported and accept the CIDR notation both for IPv4 and | |
828 | # IPv6 addresses. | |
829 | # Regular expressions can also be used if sarg was compiled with libpcre. | |
830 | # A regular expression is formated as re:/regexp/ alias | |
831 | # The regexp is a perl regular expression (see man perlre). | |
832 | # Subpatterns are allowed in the alias. Sarg recognizes sed (\1) or perl ($1) | |
833 | # subpatterns. Only 9 subpatterns are allowed in the replacement string. | |
834 | #useralias /usr/local/sarg/useralias | |
835 | ||
11767c6a FM |
836 | # TAG: keep_temp_log yes|no |
837 | # Keep temporary files created by sarg to produce its reports. The normal | |
838 | # operation mode is to delete those files when they are not necessary any more. | |
839 | # | |
840 | # Never leave that option to "yes" for normal operation as temporary files | |
841 | # left over by previous run can be included in subsequent reports. | |
842 | # | |
843 | # Use this option only to diagnose a problem with your reports. A better | |
844 | # alternative is to run sarg from the command line with optino -k. | |
845 | #keep_temp_log no | |
4d62cb0a FM |
846 | |
847 | # TAG: max_successive_log_errors n | |
848 | # Set the number of consecutive errors allowed in the input log file before | |
849 | # the reading is aborted with an error. | |
850 | #max_successive_log_errors 3 | |
851 | ||
852 | # TAG: max_total_log_errors n | |
853 | # The reading of the input log file is interrupted if too many errors are found | |
854 | # in the log file. This parameter set the number of errors before the reading | |
855 | # is aborted. Set it to -1 to keep reading the logs irrespective of the | |
856 | # errors found. | |
857 | # | |
858 | # Note that the max_successive_log_errors is still taken into account and | |
859 | # cannot be disabled. | |
860 | #max_total_log_errors 50 |