]>
Commit | Line | Data |
---|---|---|
1 | # sarg.conf | |
2 | # | |
3 | # TAG: access_log file | |
4 | # Where is the access.log file | |
5 | # | |
6 | # This option can be repeated multiple times to list rotated files or | |
7 | # files from different sources. | |
8 | # | |
9 | # The files named here must exists or sarg aborts. It is intended as a | |
10 | # safety against incomplete reporting due to problems occuring with the | |
11 | # logs. | |
12 | # | |
13 | # If the file globbing was compiled in, the file name can contain shell | |
14 | # wildcards such as * and ?. Tilde expension and variable expension are | |
15 | # not supported. Special characters can be escaped with a backslash. | |
16 | # | |
17 | # If some files are passed on the command line with "sarg -l file" or | |
18 | # "sarg file", the files listed here are ignored. | |
19 | # | |
20 | #access_log /usr/local/squid/var/logs/access.log | |
21 | ||
22 | # TAG: graphs yes|no | |
23 | # Use graphics where is possible. | |
24 | # graph_days_bytes_bar_color blue|green|yellow|orange|brown|red | |
25 | # | |
26 | #graphs yes | |
27 | #graph_days_bytes_bar_color orange | |
28 | ||
29 | # TAG: graph_font | |
30 | # The full path to the TTF font file to use to create the graphs. It is required | |
31 | # if graphs is set to yes. | |
32 | # | |
33 | #graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf | |
34 | ||
35 | # TAG: title | |
36 | # Especify the title for html page. | |
37 | # | |
38 | #title "Squid User Access Reports" | |
39 | ||
40 | # TAG: font_face | |
41 | # Especify the font for html page. | |
42 | # | |
43 | #font_face Tahoma,Verdana,Arial | |
44 | ||
45 | # TAG: header_color | |
46 | # Especify the header color | |
47 | # | |
48 | #header_color darkblue | |
49 | ||
50 | # TAG: header_bgcolor | |
51 | # Especify the header bgcolor | |
52 | # | |
53 | #header_bgcolor blanchedalmond | |
54 | ||
55 | # TAG: font_size | |
56 | # Especify the text font size | |
57 | # | |
58 | #font_size 9px | |
59 | ||
60 | # TAG: header_font_size | |
61 | # Especify the header font size | |
62 | # | |
63 | #header_font_size 9px | |
64 | ||
65 | # TAG: title_font_size | |
66 | # Especify the title font size | |
67 | # | |
68 | #title_font_size 11px | |
69 | ||
70 | # TAG: background_color | |
71 | # TAG: background_color | |
72 | # Html page background color | |
73 | # | |
74 | # background_color white | |
75 | ||
76 | # TAG: text_color | |
77 | # Html page text color | |
78 | # | |
79 | #text_color #000000 | |
80 | ||
81 | # TAG: text_bgcolor | |
82 | # Html page text background color | |
83 | # | |
84 | #text_bgcolor lavender | |
85 | ||
86 | # TAG: title_color | |
87 | # Html page title color | |
88 | # | |
89 | #title_color green | |
90 | ||
91 | # TAG: logo_image | |
92 | # Html page logo. | |
93 | # | |
94 | #logo_image none | |
95 | ||
96 | # TAG: logo_text | |
97 | # Html page logo text. | |
98 | # | |
99 | #logo_text "" | |
100 | ||
101 | # TAG: logo_text_color | |
102 | # Html page logo texti color. | |
103 | # | |
104 | #logo_text_color #000000 | |
105 | ||
106 | # TAG: logo_image_size | |
107 | # Html page logo image size. | |
108 | # width height | |
109 | # | |
110 | #image_size 80 45 | |
111 | ||
112 | # TAG: background_image | |
113 | # Html page background image | |
114 | # | |
115 | #background_image none | |
116 | ||
117 | # TAG: password | |
118 | # User password file used by Squid authentication scheme | |
119 | # If used, generate reports just for that users. | |
120 | # | |
121 | #password none | |
122 | ||
123 | # TAG: temporary_dir | |
124 | # Temporary directory name for work files | |
125 | # sarg -w dir | |
126 | # | |
127 | #temporary_dir /tmp | |
128 | ||
129 | # TAG: output_dir | |
130 | # The reports will be saved in that directory | |
131 | # sarg -o dir | |
132 | # | |
133 | #output_dir /var/www/html/squid-reports | |
134 | ||
135 | # TAG: anonymous_output_files yes/no | |
136 | # Use anonymous file and directory names in the report. If it is set to | |
137 | # no (the default), the user id/ip/name is slightly mangled to create a | |
138 | # suitable file name to store the report of the user but the user's | |
139 | # identity can easily be guessed from the mangled name. If this option is | |
140 | # set, any file or directory belonging to the user is replaced by a short | |
141 | # number. The purpose is to hide the identity of the user when looking | |
142 | # at the report file names but it may serve to shorten the path too. | |
143 | # | |
144 | #anonymous_output_files no | |
145 | ||
146 | # TAG: output_email | |
147 | # Email address to send the reports. If you use this tag, no html reports will be generated. | |
148 | # sarg -e email | |
149 | # | |
150 | #output_email none | |
151 | ||
152 | # TAG: resolve_ip modulelist | |
153 | # List the modules to use to convert IP addresses into names. | |
154 | # Each named module is tried in sequence until one returns a result. Therefore | |
155 | # the order of the modules is relevant. | |
156 | # The modules must be listed on one line each separated from the previous one with | |
157 | # a space. | |
158 | # | |
159 | # The possible modules are | |
160 | # dns Use the DNS. | |
161 | # exec Call an external program with the IP address as argument. | |
162 | # | |
163 | # For compatibility with previous versions, yes is a synonymous for dns and | |
164 | # no does nothing. | |
165 | # sarg -n forces the use of the dns module. | |
166 | #resolve_ip no | |
167 | ||
168 | # TAG: resolve_ip_exec command | |
169 | # If resolve_ip selects the exec module, this is the command to run to | |
170 | # resolve an IP address. The command must contain a placeholder where the | |
171 | # IP address is inserted. The placeholder must be %IP in uppercases. The | |
172 | # placeholder may be repeated multiple times if necessary. | |
173 | # | |
174 | # The command is expected to return the host name without frills on its | |
175 | # standard output. If the command returns nothing, it is assumed that the | |
176 | # command could not resolve the IP address and the next module in the | |
177 | # chain is given a try with the same address. | |
178 | # | |
179 | # This option can only be used once. Therefore there is only one command | |
180 | # available to resolve an IP address but the program can do anything it | |
181 | # deems fit including attempting several strategies. | |
182 | # | |
183 | # Beware that running an external program is exceedingly slow. So you | |
184 | # should try the DNS first and only call an external program if the DNS | |
185 | # fails. | |
186 | #resolve_ip_exec nmblookup -A %IP | sed -n -e 's/^ *\(.*\) *<00> - *B.*/\1/p' | |
187 | ||
188 | # TAG: user_ip yes/no | |
189 | # Use Ip Address instead userid in reports. | |
190 | # sarg -p | |
191 | #user_ip no | |
192 | ||
193 | # TAG: topuser_sort_field field normal/reverse | |
194 | # Sort field for the Topuser Report. | |
195 | # Allowed fields: USER CONNECT BYTES TIME | |
196 | # | |
197 | #topuser_sort_field BYTES reverse | |
198 | ||
199 | # TAG: user_sort_field field normal/reverse | |
200 | # Sort field for the User Report. | |
201 | # Allowed fields: SITE CONNECT BYTES TIME | |
202 | # | |
203 | #user_sort_field BYTES reverse | |
204 | ||
205 | # TAG: exclude_users file | |
206 | # Users within the file will be excluded from reports. | |
207 | # Write one user per line. Lines beginning with # are ignored. | |
208 | # | |
209 | #exclude_users none | |
210 | ||
211 | # TAG: exclude_hosts file | |
212 | # Hosts, domains or subnets will be excluded from reports. | |
213 | # | |
214 | # Eg.: 192.168.10.10 - exclude ip address only | |
215 | # 192.168.10.0/24 - exclude full C class | |
216 | # s1.acme.foo - exclude hostname only | |
217 | # *.acme.foo - exclude full domain name | |
218 | # | |
219 | #exclude_hosts none | |
220 | ||
221 | # TAG: useragent_log file | |
222 | # useragent.log file to generate useragent report. | |
223 | # | |
224 | # This option may be repeated multiple times to process several files. | |
225 | # | |
226 | # Wildcards are allowed (see access_log). | |
227 | # | |
228 | # When this option is used the user_agent report is implicitly | |
229 | # selected in report_type. | |
230 | # | |
231 | #useragent_log none | |
232 | ||
233 | # TAG: date_format | |
234 | # Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww) | |
235 | # | |
236 | #date_format u | |
237 | ||
238 | # TAG: per_user_limit file MB ip/id | |
239 | # Write the user's ID (if last flag is 'id') or the user's IP address (if last flag is 'ip') | |
240 | # in file if download exceed n MB. | |
241 | # This option allows you to disable user access if users exceed a download limit. | |
242 | # The option may be repeated up to 16 times to generate several files with | |
243 | # different content type or limit. | |
244 | # | |
245 | # Examples: | |
246 | # per_user_limit userlimit_1G.txt 1000 ip | |
247 | # per_user_limit /var/log/sarg/userlimit_500M.log 500 id | |
248 | # | |
249 | #per_user_limit none | |
250 | ||
251 | # TAG: per_user_limit_file_create always/as_required | |
252 | # When to create a per_user_limit file. | |
253 | # | |
254 | # Use 'always' to always create the file requested by per_user_limit | |
255 | # even if it is empty. | |
256 | # | |
257 | # Use 'as_required' to create a per_user_limit file only if at least | |
258 | # one user crosses the limit. | |
259 | # | |
260 | #per_user_limit_file_create always | |
261 | ||
262 | # TAG: lastlog n | |
263 | # How many reports files must be keept in reports directory. | |
264 | # The oldest report file will be automatically removed. | |
265 | # 0 - no limit. | |
266 | # | |
267 | #lastlog 0 | |
268 | ||
269 | # TAG: remove_temp_files yes | |
270 | # Remove temporary files: geral, usuarios, top, periodo from root report directory. | |
271 | # | |
272 | #remove_temp_files yes | |
273 | ||
274 | # TAG: index yes|no|only | |
275 | # Generate the main index.html. | |
276 | # only - generate only the main index.html | |
277 | # | |
278 | #index yes | |
279 | ||
280 | # TAG: index_tree date|file | |
281 | # How to generate the index. | |
282 | # | |
283 | #index_tree file | |
284 | ||
285 | # TAG: index_fields | |
286 | # The columns to show in the index of the reports | |
287 | # Columns are: dirsize | |
288 | # | |
289 | #index_fields dirsize | |
290 | ||
291 | # TAG: overwrite_report yes|no | |
292 | # yes - if report date already exist then will be overwrited. | |
293 | # no - if report date already exist then will be renamed to filename.n, filename.n+1 | |
294 | # | |
295 | #overwrite_report no | |
296 | ||
297 | # TAG: records_without_userid ignore|ip|everybody | |
298 | # What can I do with records without user id (no authentication) in access.log file ? | |
299 | # | |
300 | # ignore - This record will be ignored. | |
301 | # ip - Use ip address instead. (default) | |
302 | # everybody - Use "everybody" instead. | |
303 | # | |
304 | #records_without_userid ip | |
305 | ||
306 | # TAG: use_comma no|yes | |
307 | # Use comma instead point in reports. | |
308 | # Eg.: use_comma yes => 23,450,110 | |
309 | # use_comma no => 23.450.110 | |
310 | # | |
311 | #use_comma no | |
312 | ||
313 | # TAG: mail_utility | |
314 | # Mail command to use to send reports via SMTP. Sarg calls it like this: | |
315 | # mail_utility -s "SARG report, date" "output_email" <"mail_content" | |
316 | # | |
317 | # Therefore, it is possible to add more arguments to the command by specifying them | |
318 | # here. | |
319 | # | |
320 | # If you need too, you can use a shell script to process the content of /dev/stdin | |
321 | # (/dev/stdin is the mail_content passed by sarg to the script) and call whatever | |
322 | # command you like. It is not limited to mailing the report via SMTP. | |
323 | # | |
324 | # Don't forget to quote the command if necessary (i.e. if the path contains | |
325 | # characters that must be quoted). | |
326 | # | |
327 | #mail_utility mailx | |
328 | ||
329 | # TAG: topsites_num n | |
330 | # How many sites in topsites report. | |
331 | # | |
332 | #topsites_num 100 | |
333 | ||
334 | # TAG: topsites_sort_order CONNECT|BYTES|TIME|USER A|D | |
335 | # Sort for topsites report, where A=Ascendent, D=Descendent | |
336 | # | |
337 | #topsites_sort_order CONNECT D | |
338 | ||
339 | # TAG: index_sort_order A/D | |
340 | # Sort for index.html, where A=Ascendent, D=Descendent | |
341 | # | |
342 | #index_sort_order D | |
343 | ||
344 | # TAG: exclude_codes file | |
345 | # Ignore records with these codes. Eg.: NONE/400 | |
346 | # Write one code per line. Lines starting with a # are ignored. | |
347 | # Only codes matching exactly one of the line is rejected. The | |
348 | # comparison is not case sensitive. | |
349 | # | |
350 | #exclude_codes /usr/local/sarg/etc/exclude_codes | |
351 | ||
352 | # TAG: replace_index string | |
353 | # Replace "index.html" in the main index file with this string | |
354 | # If null "index.html" is used | |
355 | # | |
356 | #replace_index <?php echo str_replace(".", "_", $REMOTE_ADDR); echo ".html"; ?> | |
357 | ||
358 | # TAG: max_elapsed milliseconds | |
359 | # If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time. | |
360 | # Use 0 for no checking | |
361 | # | |
362 | #max_elapsed 28800000 | |
363 | # 8 Hours | |
364 | ||
365 | # TAG: report_type type | |
366 | # What kind of reports to generate. | |
367 | # topusers - users, sites, times, bytes, connects, links to accessed sites, etc | |
368 | # topsites - site, connect and bytes report | |
369 | # sites_users - users and sites report | |
370 | # users_sites - accessed sites by the user report | |
371 | # date_time - bytes used per day and hour report | |
372 | # denied - denied sites with full URL report | |
373 | # auth_failures - autentication failures report | |
374 | # site_user_time_date - sites, dates, times and bytes report | |
375 | # downloads - downloads per user report | |
376 | # user_agent - user agent identification strings report (this report is always selected | |
377 | # if at least one file is provided with useragent option) | |
378 | # | |
379 | # Eg.: report_type topsites denied | |
380 | # | |
381 | #report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads user_agent | |
382 | ||
383 | # TAG: usertab filename | |
384 | # You can change the "userid" or the "ip address" to be a real user name on the reports. | |
385 | # If resolve_ip is active, the ip address is resolved before being looked up into this | |
386 | # file. That is, if you want to map the ip address, be sure to set resolv_ip to no or | |
387 | # the resolved name will be looked into the file instead of the ip address. Note that | |
388 | # it can be used to resolve any ip address known to the dns and then map the unresolved | |
389 | # ip addresses to a name found in the usertab file. | |
390 | # Table syntax: | |
391 | # userid name or ip address name | |
392 | # Eg: | |
393 | # SirIsaac Isaac Newton | |
394 | # vinci Leonardo da Vinci | |
395 | # 192.168.10.1 Karol Wojtyla | |
396 | # | |
397 | # Each line must be terminated with '\n' | |
398 | # If usertab have value "ldap" (case ignoring), user names | |
399 | # will be taken from LDAP server. This method as approaches for reception | |
400 | # of usernames from Active Didectory | |
401 | # | |
402 | #usertab none | |
403 | ||
404 | # TAG: LDAPHost hostname | |
405 | # FQDN or IP address of host with LDAP service or AD DC | |
406 | # default is '127.0.0.1' | |
407 | #LDAPHost 127.0.0.1 | |
408 | ||
409 | # TAG: LDAPPort port | |
410 | # LDAP service port number | |
411 | # default is '389' | |
412 | #LDAPPort 389 | |
413 | ||
414 | # TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com | |
415 | # DN of LDAP user, who is authorized to read user's names from LDAP base | |
416 | # default is empty line | |
417 | #LDAPBindDN cn=proxy,dc=mydomain,dc=local | |
418 | ||
419 | # TAG: LDAPBindPW secret | |
420 | # Password of DN, who is authorized to read user's names from LDAP base | |
421 | # default is empty line | |
422 | #LDAPBindPW secret | |
423 | ||
424 | # TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com | |
425 | # LDAP search base | |
426 | # default is empty line | |
427 | #LDAPBaseSearch ou=users,dc=mydomain,dc=local | |
428 | ||
429 | # TAG: LDAPFilterSearch (uid=%s) | |
430 | # User search filter by user's logins in LDAP | |
431 | # First founded record will be used | |
432 | # %s - will be changed to userlogins from access.log file | |
433 | # filter string can have up to 5 '%s' tags | |
434 | # default value is '(uid=%s)' | |
435 | #LDAPFilterSearch (uid=%s) | |
436 | ||
437 | # TAG: LDAPTargetAttr attributename | |
438 | # Name of the attribute containing a name of the user | |
439 | # default value is 'cn' | |
440 | #LDAPTargetAttr cn | |
441 | ||
442 | # TAG: LDAPNativeCharset charset-iconv-style | |
443 | # Character set to convert the LDAP string to. | |
444 | # For the list of some available charsets use: "iconv -l". | |
445 | # This option requires libiconv and sarg must have been built with --with-iconv. | |
446 | # default is empty line (UTF-8) | |
447 | #LDAPNativeCharset ISO-8859-1 | |
448 | ||
449 | # TAG: long_url yes|no | |
450 | # If yes, the full url is showed in report. | |
451 | # If no, only the site will be showed | |
452 | # | |
453 | # YES option generate very big sort files and reports. | |
454 | # | |
455 | #long_url no | |
456 | ||
457 | # TAG: date_time_by bytes|elap | |
458 | # Date/Time reports show the downloaded volume or the elapsed time or both. | |
459 | # | |
460 | #date_time_by bytes | |
461 | ||
462 | # TAG: charset name | |
463 | # ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit) | |
464 | # graphic character sets for writing in alphabetic languages | |
465 | # You can use the following charsets: | |
466 | # Latin1 - West European | |
467 | # Latin2 - East European | |
468 | # Latin3 - South European | |
469 | # Latin4 - North European | |
470 | # Cyrillic | |
471 | # Arabic | |
472 | # Greek | |
473 | # Hebrew | |
474 | # Latin5 - Turkish | |
475 | # Latin6 | |
476 | # Windows-1251 | |
477 | # Japan | |
478 | # Koi8-r | |
479 | # UTF-8 | |
480 | # | |
481 | #charset Latin1 | |
482 | ||
483 | # TAG: user_invalid_char "&/" | |
484 | # Records that contain invalid characters in userid will be ignored by Sarg. | |
485 | # | |
486 | #user_invalid_char "&/" | |
487 | ||
488 | # TAG: privacy yes|no | |
489 | # privacy_string "***.***.***.***" | |
490 | # privacy_string_color blue | |
491 | # In some countries the sysadm cannot see the visited sites by a restrictive law. | |
492 | # Using privacy yes the visited url will be changes by privacy_string and the link | |
493 | # will be removed from reports. | |
494 | # | |
495 | #privacy no | |
496 | #privacy_string "***.***.***.***" | |
497 | #privacy_string_color blue | |
498 | ||
499 | # TAG: include_users "user1:user2:...:usern" | |
500 | # Reports will be generated only for listed users. | |
501 | # | |
502 | #include_users none | |
503 | ||
504 | # TAG: exclude_string "string1:string2:...:stringn" | |
505 | # Records from access.log file that contain one of listed strings will be ignored. | |
506 | # | |
507 | #exclude_string none | |
508 | ||
509 | # TAG: show_successful_message yes|no | |
510 | # Shows "Successful report generated on dir" at end of process. | |
511 | # | |
512 | #show_successful_message yes | |
513 | ||
514 | # TAG: show_read_statistics yes|no | |
515 | # Shows how many lines have been read from the current input log file. | |
516 | # | |
517 | #show_read_statistics no | |
518 | ||
519 | # TAG: show_read_percent yes|no | |
520 | # Shows how many percents have been read from the current input log file. | |
521 | # | |
522 | # Beware that this feature requires to read the input log file once to | |
523 | # count the number of lines and then a second time to actually parse it. | |
524 | # You can save some time by disabling it. | |
525 | # | |
526 | #show_read_percent no | |
527 | ||
528 | # TAG: topuser_fields | |
529 | # Which fields must be in Topuser report. | |
530 | # | |
531 | # Valid columns are | |
532 | # NUM Report line number. | |
533 | # DATE_TIME Icons to display the date and time reports. | |
534 | # USERID Display the user's ID. It may be a name or the IP address depending on other settings. | |
535 | # USERIP Display the user's IP address. | |
536 | # CONNECT Number of connections made by the user. | |
537 | # BYTES Number of bytes downloaded by the user. | |
538 | # %BYTES Percent of the total downloaded volume. | |
539 | # IN-CACHE-OUT Percent of cache hit and miss. | |
540 | # USED_TIME How long it took to process the requests from that user. | |
541 | # MILISEC The same in milliseconds | |
542 | # %TIME Percent of the total processing time of the reported users. | |
543 | # TOTAL Add a line to the report with the total of every column. | |
544 | # AVERAGE Add a line to the report with the average of every column. | |
545 | #topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE | |
546 | ||
547 | # TAG: user_report_fields | |
548 | # Which fields must be in User report. | |
549 | # | |
550 | #user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE | |
551 | ||
552 | # TAG: bytes_in_sites_users_report yes|no | |
553 | # Bytes field must be in Site & Users Report ? | |
554 | # | |
555 | #bytes_in_sites_users_report no | |
556 | ||
557 | # TAG: topuser_num n | |
558 | # How many users in topsites report. 0 = no limit | |
559 | # | |
560 | #topuser_num 0 | |
561 | ||
562 | # TAG: datafile file | |
563 | # Save the report results in a file to populate some database | |
564 | # | |
565 | #datafile none | |
566 | ||
567 | # TAG: datafile_delimiter ";" | |
568 | # ascii character to use as a field separator in datafile | |
569 | # | |
570 | #datafile_delimiter ";" | |
571 | ||
572 | # TAG: datafile_fields all | |
573 | # Which data fields must be in datafile | |
574 | # user;date;time;url;connect;bytes;in_cache;out_cache;elapsed | |
575 | # | |
576 | #datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed | |
577 | ||
578 | # TAG: datafile_url ip|name | |
579 | # Saves the URL as ip or name in datafile | |
580 | # | |
581 | #datafile_url ip | |
582 | ||
583 | # TAG: weekdays | |
584 | # The weekdays to take into account ( Sunday->0, Saturday->6 ) | |
585 | # Example: | |
586 | #weekdays 1-3,5 | |
587 | # Default: | |
588 | #weekdays 0-6 | |
589 | ||
590 | # TAG: hours | |
591 | # The hours to take into account | |
592 | # Example: | |
593 | #hours 7-12,14,16,18-20 | |
594 | # Default: | |
595 | #hours 0-23 | |
596 | ||
597 | # TAG: dansguardian_conf file | |
598 | # DansGuardian.conf file path | |
599 | # Generate reports from DansGuardian logs. | |
600 | # Use 'none' to disable it. | |
601 | # dansguardian_conf /usr/dansguardian/dansguardian.conf | |
602 | # | |
603 | #dansguardian_conf none | |
604 | ||
605 | # TAG: dansguardian_filter_out_date on|off | |
606 | # This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action. | |
607 | # Note the change of parameter value compared with the old option. | |
608 | # 'off' use the record even if its date is outside of the range found in the input log file. | |
609 | # 'on' use the record only if its date is in the range found in the input log file. | |
610 | # | |
611 | #dansguardian_filter_out_date on | |
612 | ||
613 | # TAG: squidguard_conf file | |
614 | # path to squidGuard.conf file | |
615 | # Generate reports from SquidGuard logs. | |
616 | # Use 'none' to disable. | |
617 | # You can use sarg -L filename to use an alternate squidGuard log. | |
618 | # squidguard_conf /usr/local/squidGuard/squidGuard.conf | |
619 | # | |
620 | #squidguard_conf none | |
621 | ||
622 | # TAG: redirector_log file | |
623 | # the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option | |
624 | # may be repeated up to 64 times to read multiple files. | |
625 | # If this option is specified, it takes precedence over squidguard_conf. | |
626 | # The command line option -L override this option. | |
627 | # | |
628 | #redirector_log /usr/local/squidGuard/var/logs/urls.log | |
629 | ||
630 | # TAG: redirector_filter_out_date on|off | |
631 | # This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not | |
632 | # appropriate with respect to their action. | |
633 | # Note the change of parameter value compared with the old options. | |
634 | # 'off' use the record even if its date is outside of the range found in the input log file. | |
635 | # 'on' use the record only if its date is in the range found in the input log file. | |
636 | # | |
637 | #redirector_filter_out_date on | |
638 | ||
639 | # TAG: redirector_log_format | |
640 | # Format string for web proxy redirector logs. | |
641 | # This option was named squidguard_log_format before sarg 2.3. | |
642 | # REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end# | |
643 | # SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end# | |
644 | #redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end# | |
645 | ||
646 | # TAG: show_sarg_info yes|no | |
647 | # shows sarg information and site path on each report bottom | |
648 | # | |
649 | #show_sarg_info yes | |
650 | ||
651 | # TAG: show_sarg_logo yes|no | |
652 | # shows sarg logo | |
653 | # | |
654 | #show_sarg_logo yes | |
655 | ||
656 | # TAG: parsed_output_log directory | |
657 | # Saves the processed log in a sarg format after parsing the squid log file. | |
658 | # This is a way to dump all of the data structures out, after parsing from | |
659 | # the logs (presumably this data will be much smaller than the log files themselves), | |
660 | # and pull them back in for later processing and merging with data from previous logs. | |
661 | # | |
662 | #parsed_output_log none | |
663 | ||
664 | # TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress | |
665 | # Command to run to compress sarg parsed output log. It may contain | |
666 | # options (such as -f to overwrite existing target file). The name of | |
667 | # the file to compresse is provided at the end of this | |
668 | # command line. Don't forget to quote things appropriately. | |
669 | # | |
670 | #parsed_output_log_compress /bin/gzip | |
671 | ||
672 | # TAG: displayed_values bytes|abbreviation | |
673 | # how the values will be displayed in reports. | |
674 | # eg. bytes - 209.526 | |
675 | # abbreviation - 210K | |
676 | # | |
677 | #displayed_values bytes | |
678 | ||
679 | # Report limits | |
680 | # TAG: authfail_report_limit n | |
681 | # TAG: denied_report_limit n | |
682 | # TAG: siteusers_report_limit n | |
683 | # TAG: squidguard_report_limit n | |
684 | # TAG: user_report_limit n | |
685 | # TAG: dansguardian_report_limit n | |
686 | # TAG: download_report_limit n | |
687 | # report limits (lines). | |
688 | # '0' no limit | |
689 | # | |
690 | #authfail_report_limit 10 | |
691 | #denied_report_limit 10 | |
692 | #siteusers_report_limit 0 | |
693 | #squidguard_report_limit 10 | |
694 | #dansguardian_report_limit 10 | |
695 | #user_report_limit 0 | |
696 | #download_report_limit 50 | |
697 | ||
698 | # TAG: www_document_root dir | |
699 | # Where is your Web DocumentRoot | |
700 | # Sarg will create sarg-php directory with some PHP modules: | |
701 | # - sarg-squidguard-block.php - add urls from user reports to squidGuard DB | |
702 | # | |
703 | #www_document_root /var/www/html | |
704 | ||
705 | # TAG: block_it module_url | |
706 | # This tag allow you to pass urls from user reports to a cgi or php module, | |
707 | # to be blocked by some Squid acl | |
708 | # | |
709 | # Eg.: block_it /sarg-php/sarg-block-it.php | |
710 | # sarg-block-it is a php that will append a url to a flat file. | |
711 | # You must change /var/www/html/sarg-php/sarg-block-it to point to your file | |
712 | # in $filename variable, and chown to a httpd owner. | |
713 | # | |
714 | # sarg will pass http://module_url?url=url | |
715 | # | |
716 | #block_it none | |
717 | ||
718 | # TAG: external_css_file path | |
719 | # Provide the path to an external css file to link into the HTML reports instead of | |
720 | # the inline css written by sarg when this option is not set. | |
721 | # | |
722 | # In versions prior to 2.3, this used to be an absolute file name to | |
723 | # a file to include verbatim in each HTML page but, as it takes a lot of | |
724 | # space, version 2.3 switched to a link to an external css file. | |
725 | # Therefore, this option must contain the HTTP server path on which a client | |
726 | # browser may find the css file. | |
727 | # | |
728 | # Sarg use theses style classes: | |
729 | # .logo logo class | |
730 | # .info sarg information class, align=center | |
731 | # .title_c title class, align=center | |
732 | # .header_c header class, align:center | |
733 | # .header_l header class, align:left | |
734 | # .header_r header class, align:right | |
735 | # .text text class, align:right | |
736 | # .data table text class, align:right | |
737 | # .data2 table text class, align:left | |
738 | # .data3 table text class, align:center | |
739 | # .link link class | |
740 | # | |
741 | # Sarg can be instructed to output the internal css it inline | |
742 | # into the reports with this command: | |
743 | # | |
744 | # sarg --css | |
745 | # | |
746 | # You can redirect the output to a file of your choice and edit | |
747 | # it to your liking. | |
748 | # | |
749 | #external_css_file none | |
750 | ||
751 | # TAG: user_authentication yes|no | |
752 | # Allow user authentication in User Reports using .htaccess | |
753 | # Parameters: | |
754 | # AuthUserTemplateFile - The template to use to create the | |
755 | # .htaccess file. In the template, %u is replaced by the | |
756 | # user's ID for which the report is generated. The path of the | |
757 | # template is relative to the directory containing sarg | |
758 | # configuration file. | |
759 | # | |
760 | # user_authentication no | |
761 | # AuthUserTemplateFile sarg_htaccess | |
762 | ||
763 | # TAG: download_suffix "suffix,suffix,...,suffix" | |
764 | # file suffix to be considered as "download" in Download report. | |
765 | # Use 'none' to disable. | |
766 | # | |
767 | #download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg" | |
768 | ||
769 | # TAG: ulimit n | |
770 | # The maximum number of open file descriptors to avoid "Too many open files" error message. | |
771 | # You need to run sarg as root to use ulimit tag. | |
772 | # If you run sarg with a low privilege user, set to 'none' to disable ulimit | |
773 | # | |
774 | #ulimit 20000 | |
775 | ||
776 | # TAG: ntlm_user_format user|domainname+username | |
777 | # NTLM users format. | |
778 | # | |
779 | #ntlm_user_format domainname+username | |
780 | ||
781 | # TAG: strip_user_suffix suffix | |
782 | # Remove a suffix from the user name. The suffix may be | |
783 | # a Kerberos domain name. It must be at the end of the | |
784 | # user name (as is implied by a suffix). | |
785 | # | |
786 | # This is a lightweight easy to configure option. For a | |
787 | # more complete solution, see useralias. | |
788 | #strip_user_suffix @example.com | |
789 | ||
790 | # TAG: realtime_refresh_time num sec | |
791 | # How many time to auto refresh the realtime report | |
792 | # 0 = disable | |
793 | # | |
794 | # realtime_refresh_time 3 | |
795 | ||
796 | # TAG: realtime_access_log_lines num | |
797 | # How many last lines to get from access.log file | |
798 | # | |
799 | # realtime_access_log_lines 1000 | |
800 | ||
801 | # TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST | |
802 | # Which records must be in realtime report. | |
803 | # | |
804 | # realtime_types GET,PUT,CONNECT,POST | |
805 | ||
806 | # TAG: realtime_unauthenticated_records: ignore|show | |
807 | # What to do with unauthenticated records in realtime report. | |
808 | # | |
809 | # realtime_unauthenticated_records: show | |
810 | ||
811 | # TAG: byte_cost value no_cost_limit | |
812 | # Cost per byte. | |
813 | # Eg. byte_cost 0.01 100000000 | |
814 | # per byte cost = 0.01 | |
815 | # bytes with no cost = 100 Mb | |
816 | # 0 = disable | |
817 | # | |
818 | # byte_cost 0.01 50000000 | |
819 | ||
820 | # TAG: squid24 on|off | |
821 | # Compatilibity with squid version <= 2.4 when using emulate_http_log on | |
822 | # | |
823 | # squid24 off | |
824 | ||
825 | # TAG: sorttable path | |
826 | # The path to a javascript script to dynamically sort the tables. | |
827 | # The path is the link a browser must follow to find the script. For instance, | |
828 | # it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script | |
829 | # is at the root of your web site. | |
830 | # | |
831 | # If the path starts with "../" then it is assumed to be a relative | |
832 | # path and sarg adds as many "../" as necessary to locate the js script from | |
833 | # the output directory. Therefore, ../../sorttable.js links to the javascript | |
834 | # one level above output_dir. | |
835 | # | |
836 | # If this entry is set, each sortable table will have the "sortable" class set. | |
837 | # You may have a look at http://www.kryogenix.org/code/browser/sorttable/ | |
838 | # for the implementation on which sarg is based. | |
839 | # | |
840 | # sorttable /sorttable.js | |
841 | ||
842 | # TAG: hostalias | |
843 | # The name of a text file containing the host names one per line and the | |
844 | # optional alias to use in the report instead of that host name. If the | |
845 | # alias is missing, the host name is replaced by the matching pattern | |
846 | # (that is, including the wildcard). For instance, in the example below, | |
847 | # any host matching *.gstatic.com is grouped, in the report, under the | |
848 | # text "*.gstatic.com". | |
849 | # | |
850 | # Host names may contain up to one wildcard denoted by a *. The wildcard | |
851 | # must not end the host name. | |
852 | # | |
853 | # The host name may be followed by an optional alias but if no alias is | |
854 | # provided, the host name, including the wildcard, replaces any matching | |
855 | # host name found in the log. | |
856 | # | |
857 | # Host names replaced by identical aliases are grouped together in the | |
858 | # reports. | |
859 | # | |
860 | # IP addresses are supported and accept the CIDR notation both for IPv4 and | |
861 | # IPv6 addresses. | |
862 | # | |
863 | # Regular expressions can also be used if sarg was compiled with libpcre. | |
864 | # A regular expression is formated as re:/regexp/ alias | |
865 | # The regexp is a perl regular expression (see man perlre). | |
866 | # Subpatterns are allowed in the alias. Sarg recognizes sed (\1) or perl ($1) | |
867 | # subpatterns. Only 9 subpatterns are allowed in the replacement string. | |
868 | # Regex are case sensitive by default. To have a case insensitive regex, | |
869 | # defined it like this: re:/regexp/i alias | |
870 | # The option "i" must be written with a lower case. | |
871 | # | |
872 | # Example: | |
873 | # *.gstatic.com | |
874 | # mt*.google.com | |
875 | # *.myphone.microsoft.com | |
876 | # *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure | |
877 | # *.freeav.net antivirus:freeav | |
878 | # *.mail.live.com | |
879 | # 65.52.00.00/14 *.mail.live.com | |
880 | # re:/\.dropbox\.com(:443)?/ dropbox | |
881 | # re:/([\w-]+)\.(\w*[a-zA-Z]\w*)(?::\d+)?$/ \1.\2 | |
882 | #hostalias /usr/local/sarg/hostalias | |
883 | ||
884 | # TAG: useralias | |
885 | # The name of a text file containing the user names one per line and the | |
886 | # optional alias to use in the report instead of that user name. | |
887 | # See the description of hostalias. It uses the same file format as the | |
888 | # useralias option. | |
889 | # | |
890 | # Example: | |
891 | # user454 John | |
892 | # admin* Administrator | |
893 | # re:/^(.*)@example.com$/i \1 | |
894 | #useralias /usr/local/sarg/useralias | |
895 | ||
896 | # TAG: keep_temp_log yes|no | |
897 | # Keep temporary files created by sarg to produce its reports. The normal | |
898 | # operation mode is to delete those files when they are not necessary any more. | |
899 | # | |
900 | # Never leave that option to "yes" for normal operation as temporary files | |
901 | # left over by previous run can be included in subsequent reports. | |
902 | # | |
903 | # Use this option only to diagnose a problem with your reports. A better | |
904 | # alternative is to run sarg from the command line with optino -k. | |
905 | #keep_temp_log no | |
906 | ||
907 | # TAG: max_successive_log_errors n | |
908 | # Set the number of consecutive errors allowed in the input log file before | |
909 | # the reading is aborted with an error. | |
910 | #max_successive_log_errors 3 | |
911 | ||
912 | # TAG: max_total_log_errors n | |
913 | # The reading of the input log file is interrupted if too many errors are found | |
914 | # in the log file. This parameter set the number of errors before the reading | |
915 | # is aborted. Set it to -1 to keep reading the logs irrespective of the | |
916 | # errors found. | |
917 | # | |
918 | # Note that the max_successive_log_errors is still taken into account and | |
919 | # cannot be disabled. | |
920 | #max_total_log_errors 50 | |
921 | ||
922 | # TAG: include conffile | |
923 | # Include the specified conffile. The full path must be provided to | |
924 | # make sure the correct file is loaded. | |
925 | # | |
926 | # Use this option to store common options in one file and include it | |
927 | # in multiple sarg.conf dedicated to various reporting tasks. | |
928 | # | |
929 | # Options declared last take precedence. Use it to include a file and | |
930 | # then override some options after the include statement. Beware that | |
931 | # some options are cumulative such as access_log, useragent_log or | |
932 | # redirector_log. You can't override those options as explained here. | |
933 | # Declaring them in the common file and the including file will merely | |
934 | # add the latter to the list. | |
935 | #include /etc/sarg/sarg-common.conf |