]>
git.ipfire.org Git - thirdparty/sarg.git/blob - log.c
2 * AUTHOR: Pedro Lineu Orso orso@penguintech.com.br
4 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
7 * please look at http://sarg.sourceforge.net/donations.php
8 * ---------------------------------------------------------------------
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
26 #include "include/conf.h"
28 #define LEGACY_WRITE_USER
29 #define LEGACY_WRITE_DOWNLOAD
30 #define REPORT_EVERY_X_LINES 5000
37 char sz_Last_User
[ MAXLEN
] = { 0 } ;
38 int bool_ShowReadStatistics
;
40 numlist weekdays
= { { 0, 1, 2, 3, 4, 5, 6 }, 7 };
41 numlist hours
= { { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
42 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 }, 24 };
44 void getusers(char *pwdfile
, int debug
);
45 void gethexclude(char *hexfile
, int debug
);
46 void getuexclude(char *uexfile
, int debug
);
48 int compar( const void *, const void * );
50 #define _FILE_OFFSET_BITS 64
57 FILE *fp_in
= NULL
, *fp_ou
= NULL
, *fp_denied
, *fp_usr
, *fp_authfail
, *fp_log
;
59 char sz_Download_Unsort
[ 20000 ] ;
60 FILE * fp_Download_Unsort
= NULL
;
61 FILE * fp_Write_User
= NULL
;
78 char smartfilter
[MAXLEN
];
90 char hm
[15], hmf
[15], hmr
[15], whm
[15];
93 char hexclude
[MAXLEN
];
116 int i0
=0,i1
=0,i2
=0,i3
=0,i4
=0,i5
=0,i6
=0,i7
=0,i8
=0;
121 long int max_elapsed
=0;
124 unsigned long nreg
=0;
126 unsigned long recs2
=0;
128 int OutputNonZero
= REPORT_EVERY_X_LINES
;
136 UserAgentLog
[0]='\0';
137 ExcludeHosts
[0]='\0';
138 ExcludeUsers
[0]='\0';
147 ExternalCSSFile
[0]='\0';
148 SquidGuardLogFormat
[0]='\0';
150 strcpy(AccessLog
,"/usr/local/squid/var/logs/access.log");
151 sprintf(ExcludeCodes
,"%s/exclude_codes",SYSCONFDIR
);
152 strcpy(GraphDaysBytesBarColor
,"orange");
153 strcpy(BgColor
,"#FFFFFF");
154 strcpy(TxColor
,"#000000");
155 strcpy(TxBgColor
,"lavender");
156 strcpy(TiColor
,"darkblue");
159 strcpy(LogoTextColor
,"#000000");
160 strcpy(HeaderColor
,"darkblue");
161 strcpy(HeaderBgColor
,"#DDDDDD");
162 strcpy(LogoTextColor
,"#006699");
163 strcpy(FontSize
,"9px");
164 strcpy(TempDir
,"/tmp");
165 strcpy(OutputDir
,"/usr/local/etc/httpd/htdocs/squid-reports");
166 strcpy(Ip2Name
,"no");
167 strcpy(DateFormat
,"u");
168 strcpy(OverwriteReport
,"no");
169 strcpy(RemoveTempFiles
,"yes");
170 strcpy(ReplaceIndex
,"index.html");
172 strcpy(RecordsWithoutUser
,"ip");
173 strcpy(UseComma
,"no");
174 strcpy(MailUtility
,"mailx");
175 strcpy(TopSitesNum
,"100");
177 strcpy(TopuserSortField
,"BYTES");
178 strcpy(UserSortField
,"BYTES");
179 strcpy(TopuserSortOrder
,"reverse");
180 strcpy(UserSortOrder
,"reverse");
181 strcpy(TopsitesSortField
,"CONNECT");
182 strcpy(TopsitesSortType
,"D");
183 strcpy(LongUrl
,"no");
184 strcpy(language
,"English");
185 strcpy(FontFace
,"Verdana,Tahoma,Arial");
186 strcpy(datetimeby
,"bytes");
187 strcpy(CharSet
,"ISO-8859-1");
188 strcpy(Privacy
,"no");
189 strcpy(PrivacyString
,"***.***.***.***");
190 strcpy(PrivacyStringColor
,"blue");
191 strcpy(SuccessfulMsg
,"yes");
192 strcpy(TopUserFields
,"NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE");
193 strcpy(UserReportFields
,"CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE");
194 strcpy(DataFileDelimiter
,";");
195 strcpy(DataFileFields
,"user;date;time;url;connect;bytes;in_cache;out_cache;elapsed");
196 strcpy(SiteUserTimeDateType
,"table");
197 strcpy(ShowReadStatistics
,"yes");
198 strcpy(IndexSortOrder
,"D");
199 strcpy(ShowSargInfo
,"yes");
200 strcpy(ShowSargLogo
,"yes");
201 strcpy(ParsedOutputLog
,"no");
202 strcpy(ParsedOutputLogCompress
,"/bin/gzip");
203 strcpy(DisplayedValues
,"abbreviation");
204 strcpy(HeaderFontSize
,"9px");
205 strcpy(TitleFontSize
,"11px");
206 strcpy(AuthUserFile
,"/usr/local/sarg/passwd");
207 strcpy(AuthName
,"SARG, Restricted Access");
208 strcpy(AuthType
,"basic");
209 strcpy(Require
,"require user admin %u");
210 strcpy(DownloadSuffix
,"7z,ace,arj,avi,bat,bin,bz2,bzip,cab,com,cpio,dll,doc,dot,exe,gz,iso,lha,lzh,mdb,mov,mp3,mpeg,mpg,mso,nrg,ogg,ppt,rar,rtf,shs,src,sys,tar,tgz,vcd,vob,wma,wmv,zip");
211 strcpy(Graphs
,"yes");
212 strcpy(Ulimit
,"20000");
213 strcpy(NtlmUserFormat
,"domainname+username");
237 UserInvalidChar
[0]='\0';
239 SquidGuardConf
[0]='\0';
240 DansGuardianConf
[0]='\0';
246 dansguardian_count
=0;
248 DeniedReportLimit
=10;
249 AuthfailReportLimit
=10;
250 DansGuardianReportLimit
=10;
251 SquidGuardReportLimit
=10;
252 DownloadReportLimit
=50;
265 bzero(IncludeUsers
, MAXLEN
);
266 bzero(ExcludeString
, MAXLEN
);
268 for(x
=0; x
<=254; x
++)
271 language_load(language
);
272 strcpy(Title
,text
[88]);
274 while((ch
= getopt(argc
, argv
, "a:b:c:d:e:f:g:u:l:o:r:s:t:w:hijmnpvxyz")) != -1){
281 strcpy(uagent
,optarg
);
284 strcpy(hexclude
,optarg
);
288 strcpy(cduntil
,optarg
);
289 getword(cdfrom
,cduntil
,'-');
290 date_from(date
, cdfrom
, cduntil
);
292 duntil
=atoi(cduntil
);
295 strcpy(email
,optarg
);
298 strcpy(ConfigFile
,optarg
);
311 strcpy(warq
[narq
],optarg
);
321 strcpy(outdir
,optarg
);
330 if(strstr(optarg
,"-") == 0) {
334 getword(hm
,optarg
,'-');
338 printf("SARG: time period must be MM or MM:SS. Exit.\n");
342 if(strstr(hm
,":") != 0) {
343 getword(warea
,hm
,':');
344 sprintf(whm
,"%s%s",warea
,hm
);
348 if(strstr(hmf
,":") != 0) {
349 getword(warea
,hmf
,':');
350 sprintf(whm
,"%s%s",warea
,hmf
);
373 fprintf(stderr
, "Option -%c require an argument\n",optopt
);
392 if(ConfigFile
[0] == '\0')
393 sprintf(ConfigFile
,"%s/sarg.conf",SYSCONFDIR
);
395 if(access(ConfigFile
, R_OK
) != 0) {
396 sprintf(msg
,"Cannot open config file: %s - %s",ConfigFile
,strerror(errno
));
402 if(access(ConfigFile
, R_OK
) == 0)
403 getconf(debugm
, ConfigFile
, AccessLog
, debug
, BgColor
, TxColor
, TxBgColor
, TiColor
, LogoImage
, LogoText
, LogoTextColor
, Width
, Height
, Title
, BgImage
, FontFace
, HeaderColor
, HeaderBgColor
, FontSize
, PasswdFile
, TempDir
, OutputDir
, OutputEmail
, Ip2Name
, TopuserSortField
, UserSortField
, TopuserSortOrder
, UserSortOrder
, UserAgentLog
, ExcludeHosts
, DateFormat
, ExcludeUsers
, PerUserLimitFile
, PerUserLimit
, UserIp
, MaxElapsed
);
406 fprintf(stderr
, "SARG: ConfigFile.........= %s\n",ConfigFile
);
407 fprintf(stderr
, "SARG: AccessLog..........= %s\n",AccessLog
);
408 fprintf(stderr
, "SARG: BgColor............= %s\n",BgColor
);
409 fprintf(stderr
, "SARG: TxColor............= %s\n",TxColor
);
410 fprintf(stderr
, "SARG: TxBgColor..........= %s\n",TxBgColor
);
411 fprintf(stderr
, "SARG: TiColor............= %s\n",TiColor
);
412 fprintf(stderr
, "SARG: LogoImage..........= %s\n",LogoImage
);
413 fprintf(stderr
, "SARG: LogoText...........= %s\n",LogoText
);
414 fprintf(stderr
, "SARG: LogoTextColor......= %s\n",LogoTextColor
);
415 fprintf(stderr
, "SARG: Width..............= %s\n",Width
);
416 fprintf(stderr
, "SARG: Height.............= %s\n",Height
);
417 fprintf(stderr
, "SARG: Title..............= %s\n",Title
);
418 fprintf(stderr
, "SARG: BgImage............= %s\n",BgImage
);
419 fprintf(stderr
, "SARG: FontFace...........= %s\n",FontFace
);
420 fprintf(stderr
, "SARG: HeaderColor........= %s\n",HeaderColor
);
421 fprintf(stderr
, "SARG: HeaderBgColor......= %s\n",HeaderBgColor
);
422 fprintf(stderr
, "SARG: FontSize...........= %s\n",FontSize
);
423 fprintf(stderr
, "SARG: PasswdFile.........= %s\n",PasswdFile
);
424 fprintf(stderr
, "SARG: TempDir............= %s\n",TempDir
);
425 fprintf(stderr
, "SARG: OutputDir..........= %s\n",OutputDir
);
426 fprintf(stderr
, "SARG: Ip2Name............= %s\n",Ip2Name
);
427 fprintf(stderr
, "SARG: TopuserSortField.........= %s\n",TopuserSortField
);
428 fprintf(stderr
, "SARG: UserSortField.........= %s\n",UserSortField
);
429 fprintf(stderr
, "SARG: TopuserSortOrder.........= %s\n",TopuserSortOrder
);
430 fprintf(stderr
, "SARG: UserSortOrder.........= %s\n",UserSortOrder
);
431 fprintf(stderr
, "SARG: UserAgentLog.......= %s\n",UserAgentLog
);
432 fprintf(stderr
, "SARG: ExcludeHosts.......= %s\n",ExcludeHosts
);
433 fprintf(stderr
, "SARG: DateFormat.........= %s\n",DateFormat
);
434 fprintf(stderr
, "SARG: ExcludeUsers.......= %s\n",ExcludeUsers
);
435 fprintf(stderr
, "SARG: PerUserLimitFile...= %s\n",PerUserLimitFile
);
436 fprintf(stderr
, "SARG: PerUserLimit.......= %s\n",PerUserLimit
);
437 fprintf(stderr
, "SARG: UserIp.............= %s\n",UserIp
);
438 fprintf(stderr
, "SARG: MaxElapsed.........= %s\n",MaxElapsed
);
439 fprintf(stderr
, "SARG: LastLog............= %s\n",LastLog
);
440 fprintf(stderr
, "SARG:\n");
444 if(DataFile
[0] != '\0');
447 str2
=(char *)subs(TopUserFields
,"%BYTES","SETYB");
448 strcpy(TopUserFields
,str2
);
450 str2
=(char *)subs(UserReportFields
,"%BYTES","SETYB");
451 strcpy(UserReportFields
,str2
);
454 strcpy(warq
[0],AccessLog
);
458 if(strcmp(hexclude
,"onvert") == 0 && strcmp(site
,"plit") != 0) {
459 convlog(warq
[0], df
, dfrom
, duntil
);
463 if(strcmp(site
,"plit") == 0) {
464 splitlog(warq
[0], df
, dfrom
, duntil
, hexclude
);
468 if(ExcludeCodes
[0] != '\0') {
469 if((excludecode
=(char *) malloc(1024))==NULL
) {
470 fprintf(stderr
, "SARG: %s (1024):\n",text
[59]);
473 bzero(excludecode
,1024);
477 if(access(PasswdFile
, R_OK
) == 0) {
478 getusers(PasswdFile
,debug
);
482 if(hexclude
[0] == '\0')
483 strcpy(hexclude
,ExcludeHosts
);
484 if(strlen(hexclude
) > 0) {
485 if(access(hexclude
, R_OK
) != 0) {
486 sprintf(msg
,"Cannot open exclude_hosts file: %s - %s",hexclude
,strerror(errno
));
490 gethexclude(hexclude
,debug
);
495 if(ReportType
[0] == '\0')
496 strcpy(ReportType
,"topsites users_sites sites_users date_time denied auth_failures site_user_time_date");
498 if(access(ExcludeUsers
, R_OK
) == 0) {
499 getuexclude(ExcludeUsers
,debug
);
505 if(strstr(excludeuser
,"indexonly") != 0)
508 if(strcmp(ExcludeUsers
,"indexonly") == 0)
510 if(strcmp(Index
,"only") == 0)
514 strcpy(Ip2Name
,"yes");
516 if(strcmp(UserIp
,"yes") == 0)
519 if(strlen(MaxElapsed
)>1)
520 max_elapsed
=atol(MaxElapsed
);
523 strcpy(outdir
,OutputDir
);
528 strcpy(arq
,AccessLog
);
530 if(uagent
[0] == '\0')
531 strcpy(uagent
,UserAgentLog
);
539 strcpy(df
,DateFormat
);
541 strcpy(DateFormat
,df
);
545 strcpy(DateFormat
,"u");
549 if(strlen(OutputEmail
)>0)
550 strcpy(email
,OutputEmail
);
558 if(strlen(email
) > 0) {
559 sprintf(wtemp2
,"%s/sarg_tmp",tmp2
);
561 strcat(tmp2
,"/sarg_tmp");
566 strcat(tmp2
,"/sarg.log");
568 sprintf(warea
,"%s/sarg",tmp
);
569 if(access(warea
, R_OK
) == 0) {
570 sprintf(tmp3
,"rm -rf %s",warea
);
574 sprintf(tmp3
,"%s/sarg",tmp
);
576 strcat(tmp4
,"/denied.log.unsort");
577 strcat(tmp5
,"/denied.log");
578 strcat(tmp6
,"/authfail.log.unsort");
581 fprintf(stderr
, "SARG: %s:\nSARG:\n",text
[22]);
582 fprintf(stderr
, "SARG: %35s (-a) = %s\n",text
[23],addr
);
583 fprintf(stderr
, "SARG: %35s (-b) = %s\n",text
[71],uagent
);
584 fprintf(stderr
, "SARG: %35s (-c) = %s\n",text
[69],hexclude
);
585 fprintf(stderr
, "SARG: %35s (-d) = %s\n",text
[24],date
);
586 fprintf(stderr
, "SARG: %35s (-e) = %s\n",text
[41],email
);
587 fprintf(stderr
, "SARG: %35s (-f) = %s\n",text
[70],ConfigFile
);
588 if(strcmp(df
,"e") == 0)
589 fprintf(stderr
, "SARG: %35s (-g) = %s (dd/mm/yyyy)\n",text
[25],text
[26]);
590 if(strcmp(df
,"u") == 0)
591 fprintf(stderr
, "SARG: %35s (-g) = %s (mm/dd/yyyy)\n",text
[25],text
[27]);
592 if(strcmp(df
,"w") == 0)
593 fprintf(stderr
, "SARG: %35s (-g) = %s (yyyy/ww)\n",text
[25],text
[85]);
595 fprintf(stderr
, "SARG: %35s (-i) = %s\n",text
[28],text
[1]);
597 fprintf(stderr
, "SARG: %35s (-i) = %s\n",text
[28],text
[2]);
598 fprintf(stderr
, "SARG: %35s (-l) = %s\n",text
[37],arq
);
599 if(strcmp(Ip2Name
,"yes") == 0)
600 fprintf(stderr
, "SARG: %35s (-n) = %s\n",text
[65],text
[1]);
602 fprintf(stderr
, "SARG: %35s (-n) = %s\n",text
[65],text
[2]);
603 fprintf(stderr
, "SARG: %35s (-o) = %s\n",text
[38],outdir
);
604 if(strcmp(UserIp
,"yes") == 0)
605 fprintf(stderr
, "SARG: %35s (-p) = %s\n",text
[29],text
[1]);
607 fprintf(stderr
, "SARG: %35s (-p) = %s\n",text
[29],text
[2]);
608 fprintf(stderr
, "SARG: %35s (-s) = %s\n",text
[30],site
);
609 fprintf(stderr
, "SARG: %35s (-t) = %s\n",text
[31],hm
);
610 fprintf(stderr
, "SARG: %35s (-u) = %s\n",text
[32],us
);
611 fprintf(stderr
, "SARG: %35s (-w) = %s\n",text
[34],tmp
);
613 fprintf(stderr
, "SARG: %35s (-x) = %s\n",text
[35],text
[1]);
615 fprintf(stderr
, "SARG: %35s (-x) = %s\n",text
[35],text
[2]);
617 fprintf(stderr
, "SARG: %35s (-z) = %s\n",text
[36],text
[1]);
619 fprintf(stderr
, "SARG: %35s (-z) = %s\n",text
[36],text
[2]);
620 fprintf(stderr
, "SARG:\n");
624 printf("%s:\nSARG:\n",text
[22]);
625 printf("%35s (-a) = %s\n",text
[23],addr
);
626 printf("%35s (-b) = %s\n",text
[71],uagent
);
627 printf("%35s (-c) = %s\n",text
[69],hexclude
);
628 printf("%35s (-d) = %s\n",text
[24],date
);
629 printf("%35s (-e) = %s\n",text
[41],email
);
630 printf("%35s (-f) = %s\n",text
[70],ConfigFile
);
631 if(strcmp(df
,"e") == 0)
632 printf("%35s (-g) = %s (dd/mm/yyyy)\n",text
[25],text
[26]);
633 if(strcmp(df
,"u") == 0)
634 printf("%35s (-g) = %s (mm/dd/yyyy)\n",text
[25],text
[27]);
635 if(strcmp(df
,"w") == 0)
636 printf("%35s (-g) = %s (yyyy/ww)\n",text
[25],text
[85]);
638 printf("%35s (-i) = %s\n",text
[28],text
[1]);
640 printf("%35s (-i) = %s\n",text
[28],text
[2]);
641 printf("%35s (-l) = %s\n",text
[37],arq
);
642 if(strcmp(Ip2Name
,"yes") == 0)
643 printf("%35s (-n) = %s\n",text
[65],text
[1]);
645 printf("%35s (-n) = %s\n",text
[65],text
[2]);
646 printf("%35s (-o) = %s\n",text
[38],outdir
);
647 if(strcmp(UserIp
,"yes") == 0)
648 printf("%35s (-p) = %s\n",text
[29],text
[1]);
650 printf("%35s (-p) = %s\n",text
[29],text
[2]);
651 printf("%35s (-s) = %s\n",text
[30],site
);
652 printf("%35s (-t) = %s\n",text
[31],hm
);
653 printf("%35s (-u) = %s\n",text
[32],us
);
654 printf("%35s (-w) = %s\n",text
[34],tmp
);
656 printf("%35s (-x) = %s\n",text
[35],text
[1]);
658 printf("%35s (-x) = %s\n",text
[35],text
[2]);
660 printf("%35s (-z) = %s\n",text
[36],text
[1]);
662 printf("%35s (-z) = %s\n",text
[36],text
[2]);
663 printf("sarg %s: %s\n",text
[73],VERSION
);
664 printf("Language=%s\n\n",text
[3]);
668 sprintf(msg
,"sarg %s: %s",text
[73],VERSION
);
671 #if defined(RLIMIT_NOFILE)
672 getrlimit (RLIMIT_NOFILE
, &rl
);
673 #else #if defined(RLIMIT_OFILE)
674 getrlimit (RLIMIT_OFILE
, &rl
);
679 rl
.rlim_cur
= atol(Ulimit
);
680 rl
.rlim_max
= atol(Ulimit
);
681 #if defined(RLIMIT_NOFILE)
682 if(setrlimit (RLIMIT_NOFILE
, &rl
) == -1) {
683 #else #if defined(RLIMIT_OFILE)
684 if(setrlimit (RLIMIT_OFILE
, &rl
) == -1) {
686 sprintf(msg
,"setrlimit error - %s\n",strerror(errno
));
691 sprintf(msg
,"Maximum file descriptor: cur=%ld max=%ld, changed to cur=%ld max=%ld",l1
,l2
,rl
.rlim_cur
,rl
.rlim_max
);
695 if(UserTabFile
[0] != '\0') {
697 sprintf(msg
,"%s: %s",text
[86],UserTabFile
);
700 if((fp_usr
=fopen(UserTabFile
,"r"))==NULL
) {
701 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[45],UserTabFile
,strerror(errno
));
704 nreg
= lseek(fileno(fp_usr
), 0, SEEK_END
);
705 lseek(fileno(fp_usr
), 0, 0);
706 if((userfile
=(char *) malloc(nreg
+100))==NULL
){
707 fprintf(stderr
, "%s ERROR: %s",argv
[0],text
[87]);
710 bzero(userfile
,nreg
+100);
711 strncat(userfile
,":",1);
714 while(fgets(buf
,MAXLEN
,fp_usr
)!=NULL
){
715 buf
[strlen(buf
)-1]='\0';
716 if(strstr(buf
,"\r") != 0)
717 buf
[strlen(buf
)-1]='\0';
718 getword(bufy
,buf
,' ');
719 for(z1
=0; z1
<=strlen(bufy
); z1
++) {
720 userfile
[z2
]=bufy
[z1
];
723 strncat(userfile
,":",1);
724 for(z1
=0; z1
<=strlen(buf
); z1
++) {
725 userfile
[z2
]=buf
[z1
];
728 strncat(userfile
,":",1);
733 sprintf ( sz_Download_Unsort
, "%s/sarg/download.unsort", tmp
);
734 bool_ShowReadStatistics
= ( strcmp(ShowReadStatistics
,"yes") == 0 ) ;
737 strcpy(arq
,warq
[iarq
]);
743 sprintf(msg
, "%s: %s",text
[7],arq
);
747 #if defined(HAVE_FOPEN64)
748 if((fp_in
=(long)fopen64(arq
,"r"))==NULL
) {
750 if((fp_in
=fopen(arq
,"r"))==NULL
) {
752 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[8],arq
,strerror(errno
));
755 fgets(bufz
,sizeof(bufz
),fp_in
);
757 if(strncmp(bufz
,"#Software: Mic",14) == 0)
760 if(strncmp(bufz
,"*** SARG Log ***",16) == 0) {
761 getword(val2
,arqtt
,'-');
762 getword(val2
,arqtt
,'_');
763 getword(val3
,arqtt
,'-');
764 getword(val3
,arqtt
,'_');
765 sprintf(periodo
,"%s-%s",val2
,val3
);
767 } else lseek(fileno(fp_in
), 0, 0);
769 if(strcmp(ParsedOutputLog
, "no") != 0 && !sarglog
) {
770 if(access(ParsedOutputLog
,R_OK
) != 0) {
771 sprintf(csort
,"%s",ParsedOutputLog
);
774 sprintf(arq_log
,"%s/sarg_temp.log",ParsedOutputLog
);
775 if((fp_log
=fopen(arq_log
,"w"))==NULL
) {
776 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[8],arq_log
,strerror(errno
));
779 fputs("*** SARG Log ***\n",fp_log
);
782 if(strstr(ReportType
,"denied") != 0) {
783 if((fp_denied
=fopen(tmp4
,"w"))==NULL
) {
784 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[45],tmp4
,strerror(errno
));
789 if(DataFile
[0]=='\0') {
790 if(strstr(ReportType
,"denied") != 0 || strstr(ReportType
,"auth_failures") != 0) {
791 if((fp_authfail
=fopen(tmp6
,"w"))==NULL
) {
792 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[45],tmp6
,strerror(errno
));
798 // pre-Read the file only if I have to show stats
799 if(bool_ShowReadStatistics
) {
803 while( fgets(bufz
,sizeof(bufz
),fp_in
) != NULL
)
807 printf("SARG: Records in file: %d, reading: %3.2f%%\r",recs1
,(float) 0);
812 while(fgets(bufz
,sizeof(bufz
),fp_in
)!=NULL
) {
814 if( bool_ShowReadStatistics
&& ! --OutputNonZero
) {
816 perc
= perc
/ recs1
;
817 printf("SARG: Records in file: %d, reading: %3.2f%%\r",recs1
,perc
);
819 OutputNonZero
= REPORT_EVERY_X_LINES
;
821 if(strlen(bufz
) > MAXLEN
-1) continue;
822 if(!bufz
[0]) continue;
823 if(strstr(bufz
,"HTTP/0.0") != 0) continue;
824 if(strstr(bufz
,"logfile turned over") != 0) continue;
825 if(bufz
[0] == ' ') continue;
826 if(strlen(bufz
) < 58) continue;
828 // Record only hours usage which is required
829 tt
= (time_t) strtoul( bufz
, NULL
, 10 );
830 t
= localtime( &tt
);
832 if( bsearch( &( t
-> tm_wday
), weekdays
.list
, weekdays
.len
,
833 sizeof( int ), compar
) == NULL
)
836 if( bsearch( &( t
-> tm_hour
), hours
.list
, hours
.len
,
837 sizeof( int ), compar
) == NULL
)
842 if(strlen(ExcludeString
) > 0) {
844 strcpy(html
,ExcludeString
);
845 while(strstr(html
,":") != 0) {
846 getword(val1
,html
,':');
847 if((str
=(char *) strstr(warea
,val1
)) != (char *) NULL
)
850 if((str
=(char *) strstr(warea
,html
)) != (char *) NULL
)
853 if(exstring
) continue;
856 if ((str
= strchr(bufz
, '\n')) != NULL
)
857 *str
= '\0'; /* strip \n */
862 printf("BUF=%s\n",bufz
);
864 if(!sarglog
&& !isalog
) {
865 getword(data
,bufz
,' ');
866 if((str
=(char *) strstr(data
, ".")) != (char *) NULL
) {
867 if((str
=(char *) strstr(str
+1, ".")) != (char *) NULL
) {
870 getword(none
,bufz
,' ');
871 getword(user
,bufz
,' ');
872 getword(data
,bufz
,']');
873 getword(fun
,bufz
,'"');
874 getword(fun
,bufz
,' ');
875 getword(url
,bufz
,' ');
876 getword(code2
,bufz
,' ');
877 getword(code2
,bufz
,' ');
878 getword(tam
,bufz
,' ');
879 if((str
=(char *) strstr(bufz
, " ")) != (char *) NULL
)
880 getword(code
,bufz
,' ');
881 else strcpy(code
,bufz
);
883 if ((str
= strchr(code
, ':')) != NULL
)
886 if(strcmp(tam
,"\0") == 0)
895 getword(elap
,bufz
,' ');
897 while(strcmp(elap
,"") == 0 && strlen(bufz
) > 0)
898 getword(elap
,bufz
,' ');
899 if(strlen(elap
) < 1) continue;
900 getword(ip
,bufz
,' ');
901 getword(code
,bufz
,' ');
902 getword(tam
,bufz
,' ');
903 getword(fun
,bufz
,' ');
904 getword(url
,bufz
,' ');
905 getword(user
,bufz
,' ');
909 getword(data
,bufz
,' ');
910 getword(hora
,bufz
,' ');
911 getword(user
,bufz
,' ');
912 getword(ip
,bufz
,' ');
913 getword(url
,bufz
,' ');
914 getword(tam
,bufz
,' ');
915 getword(code
,bufz
,' ');
916 getword(elap
,bufz
,' ');
917 getword(smartfilter
,bufz
,' ');
920 getword(val1
,bufz
,' ');
921 while(strstr(bufz
,"\t") != 0) {
922 getword(val1
,bufz
,'\t');
924 if(strcmp(val1
,"c-ip") == 0) i1
=i0
;
925 if(strcmp(val1
,"cs-username") == 0) i2
=i0
;
926 if(strcmp(val1
,"date") == 0) i3
=i0
;
927 if(strcmp(val1
,"time") == 0) i4
=i0
;
928 if(strcmp(val1
,"time-taken") == 0) i5
=i0
;
929 if(strcmp(val1
,"sc-bytes") == 0) i6
=i0
;
930 if(strcmp(val1
,"cs-uri") == 0) i7
=i0
;
931 if(strcmp(val1
,"sc-status") == 0) i8
=i0
;
934 fgets(bufz
,sizeof(bufz
),fp_in
);
936 for(x
=0; x
<=i1
-1; x
++) getword3(ip
,val1
,'\t');
938 for(x
=0; x
<=i2
-1; x
++) getword3(user
,val1
,'\t');
940 for(x
=0; x
<=i3
-1; x
++) getword3(data
,val1
,'\t');
942 for(x
=0; x
<=i4
-1; x
++) getword3(hora
,val1
,'\t');
944 for(x
=0; x
<=i5
-1; x
++) getword3(elap
,val1
,'\t');
946 for(x
=0; x
<=i6
-1; x
++) getword3(tam
,val1
,'\t');
948 for(x
=0; x
<=i7
-1; x
++) getword3(url
,val1
,'\t');
950 for(x
=0; x
<=i8
-1; x
++) getword3(code
,val1
,'\t');
952 if(strcmp(code
,"401") == 0 || strcmp(code
,"403") == 0 || strcmp(code
,"407") == 0) {
953 sprintf(val1
,"DENIED/%s",code
);
956 getword(ano
,data
,'-');
957 getword(mes
,data
,'-');
959 conv_month_name(mes
);
960 sprintf(data
," %s/%s/%s:%s",dia
,mes
,ano
,hora
);
964 if(strlen(IncludeUsers
) > 0) {
965 sprintf(val1
,":%s:",user
);
966 if((str
=(char *) strstr(IncludeUsers
,val1
)) == (char *) NULL
)
977 if(testvaliduserchar(user
))
980 while(strstr(user
,"%5c") != 0 || strstr(user
,"%20") != 0) {
982 strcpy(wuser
,user
+2);
983 sprintf(user
,"%s.%s",w
,wuser
);
988 for(z1
=0; z1
<strlen(str
); z1
++) {
989 if(isalnum(str
[z1
]) || ispunct(str
[z1
])) {
990 if(str
[z1
]=='.') dotinuser
++;
991 if(str
[z1
]=='?' || str
[z1
]=='.' || str
[z1
]==':' || str
[z1
]=='/' || str
[z1
]=='\\')
997 if(strncmp(NtlmUserFormat
,"user",4) == 0) {
998 if(strstr(user
,"_") != 0)
999 getword(warea
,user
,'_');
1000 if(strstr(user
,"+") != 0)
1001 getword(warea
,user
,'+');
1004 if(strstr(ReportType
,"denied") != 0)
1007 if(strlen(DownloadSuffix
)) {
1010 if(strncmp(url
+strlen(url
)-4,".",1) == 0)
1011 strcpy(suffix
,url
+strlen(url
)-3);
1012 else strcpy(suffix
,url
+strlen(url
)-4);
1013 if(strstr(DownloadSuffix
,suffix
) != 0) {
1014 strcpy(download_url
,url
);
1020 if (strchr(url
,'/')) {
1025 if(strcmp(LongUrl
,"no") == 0) {
1031 if(!common
&& !isalog
) {
1035 strftime(tbuf2
, 127, "%H%M", t
);
1036 if(strncmp(df
,"u",1) == 0)
1037 strftime(tbuf
, 127, "%Y%b%d", t
);
1038 if(strncmp(df
,"e",1) == 0)
1039 strftime(tbuf
, 127, "%d%b%Y", t
);
1040 if(strncmp(df
,"w",1) == 0)
1041 strftime(tbuf
, 127, "%Y.%U", t
);
1043 strftime(dia
, 127, "%d/%m/%Y", t
);
1044 strftime(wdata
, 127, "%Y%m%d", t
);
1048 if(strncmp(df
,"u",1)==0)
1049 strftime(dia
, 127, "%m/%d/%Y", t
);
1050 sprintf(hora
,"%02d:%02d:%02d",t
->tm_hour
,t
->tm_min
,t
->tm_sec
);
1052 strcpy(wtemp
,data
+1);
1053 getword(data
,wtemp
,':');
1054 getword(hora
,wtemp
,' ');
1055 getword(dia
,data
,'/');
1056 getword(mes
,data
,'/');
1057 getword(ano
,data
,'/');
1059 if(strcmp(df
,"u") == 0)
1060 sprintf(tbuf
,"%s%s%s",ano
,mes
,dia
);
1061 if(strcmp(df
,"e") == 0)
1062 sprintf(tbuf
,"%s%s%s",dia
,mes
,ano
);
1063 builddia(dia
,mes
,ano
,df
,wdata
);
1067 getword(mes
,data
,'/');
1068 getword(dia
,data
,'/');
1073 printf("DATE=%s IDATA=%d DFROM=%d DUNTIL=%d\n",date
,idata
,dfrom
,duntil
);
1077 if(strcmp(user
,us
)==0)
1083 if(strcmp(addr
,ip
)==0)
1087 // l=vhexclude(excludefile,ip);
1088 l
=vhexclude(excludefile
,url
);
1095 if(strlen(date
) > 0){
1096 if(idata
>= dfrom
&& idata
<= duntil
)
1106 getword(warea
,whm
,':');
1107 strncat(hmr
,warea
,2);
1112 if(atoi(hmr
) >= atoi(hm
) && atoi(hmr
) <= atoi(hmf
))
1118 if(strstr(url
,site
)!=0)
1126 if(strcmp(user
,"-") == 0 || strcmp(user
," ") == 0 || strcmp(user
,"") == 0) {
1127 if(strcmp(RecordsWithoutUser
,"ip") == 0)
1129 if(strcmp(RecordsWithoutUser
,"ignore") == 0)
1131 if(strcmp(RecordsWithoutUser
,"everybody") == 0)
1132 strcpy(user
,"everybody");
1136 sprintf(wuser
,":%s:",user
);
1137 if(strstr(userfile
, wuser
) == 0)
1143 l
=vuexclude(excludeuser
,user
);
1154 if(l
&&max_elapsed
) {
1155 if(atol(elap
)>max_elapsed
) {
1162 if(strcmp(user
,"-") !=0 && strlen(url
) > 0 && strcmp(user
," ") !=0 && strcmp(user
,"") !=0 && strcmp(user
,":") !=0){
1163 if((str
=(char *) strstr(bufz
, "[SmartFilter:")) != (char *) NULL
) {
1164 str
[strlen(str
)-1]='\0';
1165 sprintf(smartfilter
,"\"%s\"",str
+1);
1166 } else sprintf(smartfilter
,"\"\"");
1168 sprintf(bufz
, "%s %s %s %s %s %s %s %s %s\n",dia
,hora
,user
,ip
,url
,tam
,code
,elap
,smartfilter
);
1170 #ifdef LEGACY_WRITE_USER
1171 sprintf(tmp3
,"%s/sarg/%s.unsort",tmp
,user
);
1172 #if defined(HAVE_FOPEN64)
1173 if((fp_ou
=fopen64(tmp3
,"a"))==NULL
) {
1175 if((fp_ou
=fopen(tmp3
,"a"))==NULL
) {
1177 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[9],tmp3
,strerror(errno
));
1183 if ( strcmp ( user
, sz_Last_User
) != 0 ) {
1184 if ( fp_Write_User
)
1185 fclose( fp_Write_User
) ;
1186 sprintf (tmp3
, "%s/sarg/%s.unsort", tmp
, user
);
1188 #if defined(HAVE_FOPEN64)
1189 if ((fp_Write_User
= fopen64 (tmp3
, "a")) == NULL
) {
1191 if ((fp_Write_User
= fopen (tmp3
, "a")) == NULL
) {
1193 fprintf (stderr
, "%s: (log) %s: %s - %s\n", argv
[0], text
[9], tmp3
, strerror(errno
));
1196 strcpy( sz_Last_User
, user
) ;
1198 fputs (bufz
, fp_Write_User
);
1201 if(strcmp(ParsedOutputLog
, "no") != 0 && !sarglog
)
1204 #ifdef LEGACY_WRITE_USER
1210 sprintf(bufz
, "%s %s %s %s %s\n",dia
,hora
,user
,ip
,download_url
);
1212 #ifdef LEGACY_WRITE_DOWNLOAD
1213 sprintf(tmp3
,"%s/sarg/download.unsort",tmp
);
1214 #if defined(HAVE_FOPEN64)
1215 if((fp_ou
=fopen64(tmp3
,"a"))==NULL
) {
1217 if((fp_ou
=fopen(tmp3
,"a"))==NULL
) {
1219 fprintf(stderr
, "%s: (log) %s: %s - %s\n",argv
[0],text
[9],tmp3
,strerror(errno
));
1225 if ( ! fp_Download_Unsort
) {
1226 #if defined(HAVE_FOPEN64)
1227 if ((fp_Download_Unsort
= fopen64 ( sz_Download_Unsort
, "a")) == NULL
) {
1229 if ((fp_Download_Unsort
= fopen (sz_Download_Unsort
, "a")) == NULL
) {
1231 fprintf (stderr
, "%s: (log) %s: %s - %s\n", argv
[0], text
[9], tmp3
, strerror(errno
));
1235 fputs (bufz
, fp_Download_Unsort
);
1239 if(strstr(ReportType
,"denied") != 0 || strstr(ReportType
,"auth_failures") != 0) {
1240 if(strstr(code
,"DENIED/403") != 0) {
1241 sprintf(bufz
, "%s %s %s %s %s\n",dia
,hora
,user
,ip
,urly
);
1242 fputs(bufz
,fp_denied
);
1245 if(strstr(code
,"DENIED/401") != 0 || strstr(code
,"DENIED/407") != 0) {
1246 sprintf(bufz
, "%s %s %s %s %s\n",dia
,hora
,user
,ip
,urly
);
1248 fputs(bufz
,fp_authfail
);
1253 if(!totper
&& !sarglog
){
1255 sprintf(periodo
,"%s-",tbuf
);
1256 sprintf(per_hour
,"%s-",tbuf2
);
1258 fixper(tbuf
, periodo
, cduntil
);
1260 debugaz("tbuf",tbuf
);
1261 debugaz("periodo",periodo
);
1267 printf("IP=\t%s\n",ip
);
1268 printf("USER=\t%s\n",user
);
1269 printf("ELAP=\t%s\n",elap
);
1270 printf("DATE=\t%s\n",dia
);
1271 printf("TIME=\t%s\n",hora
);
1272 printf("FUNC=\t%s\n",fun
);
1273 printf("URL=\t%s\n",url
);
1274 printf("CODE=\t%s\n",code
);
1275 printf("LEN=\t%s\n",tam
);
1279 if( bool_ShowReadStatistics
)
1280 printf("SARG: Records in file: %d, reading: %3.2f%%\n",recs1
, (float) 100 );
1283 if ( fp_Download_Unsort
)
1284 fclose (fp_Download_Unsort
);
1287 fclose (fp_Write_User
);
1290 sprintf(msg
, " %s: %ld, %s: %ld, %s: %ld",text
[10],totregsl
,text
[11],totregsg
,text
[68],totregsx
);
1293 if((common_log
) && (squid_log
))
1296 if((common_log
) && (!squid_log
))
1299 if((!common_log
) && (squid_log
))
1305 if((!common_log
) && (!squid_log
) && (!sarglog
) && (!isalog
)) {
1307 fprintf(stderr
, "SARG: %s\n",text
[16]);
1308 fprintf(stderr
, "SARG: %s\n",text
[21]);
1309 } else fprintf(stderr
, "SARG: %s\n",text
[15]);
1310 bzero(msg
,sizeof(msg
));
1316 fclose(fp_authfail
);
1327 fprintf(stderr
, "SARG: %s\n",text
[16]);
1328 fprintf(stderr
, "SARG: %s\n",text
[21]);
1334 fclose(fp_authfail
);
1338 if(date
[0] == '\0' && !sarglog
) {
1339 strcat(periodo
,tbuf
);
1340 strcat(per_hour
,tbuf2
);
1344 debugaz("data",dia
);
1345 debugaz("tbuf",tbuf
);
1346 debugaz("periodo",periodo
);
1350 sprintf(msg
, "%s: %s",text
[17],periodo
);
1359 fclose(fp_authfail
);
1361 if(strcmp(ParsedOutputLog
, "no") != 0 && !sarglog
) {
1363 strcpy(val1
,periodo
);
1364 getword(val2
,val1
,'-');
1365 getword(val3
,per_hour
,'-');
1366 sprintf(val4
,"%s/sarg-%s_%s-%s_%s.log",ParsedOutputLog
,val2
,val3
,val1
,per_hour
);
1367 rename(arq_log
,val4
);
1368 strcpy(arq_log
,val4
);
1370 if(strcmp(ParsedOutputLogCompress
,"nocompress") != 0) {
1371 sprintf(val1
,"%s %s",ParsedOutputLogCompress
,arq_log
);
1376 sprintf(msg
,"%s %s",text
[123],arq_log
);
1381 sort_users_log(tmp
, debug
);
1383 if(strstr(ReportType
,"denied") != 0) {
1384 sprintf(csort
,"sort -T %s -k 3,3 -k 5,5 -o '%s' '%s'",tmp
,tmp5
,tmp4
);
1390 if(strlen(DataFile
) > 0)
1396 if(strstr(ReportType
,"denied") != 0)
1399 if((strlen(zip
) > 0 && strcmp(zip
,"zcat") !=0)) {
1401 // else unlink(arq);
1406 sprintf(csort
,"rm -rf %s",tmp
);
1414 void getusers(char *pwdfile
, int debug
)
1421 unsigned long int nreg
=0;
1424 sprintf(Msg
,"%s: %s",text
[60],pwdfile
);
1428 if ((fp_usr
= fopen(pwdfile
, "r")) == NULL
) {
1429 fprintf(stderr
, "SARG: (getusers) %s: %s - %s\n",text
[45],pwdfile
,strerror(errno
));
1433 nreg
= lseek(fileno(fp_usr
), (off_t
)0, SEEK_END
);
1435 lseek(fileno(fp_usr
), (off_t
)0, 0);
1437 if((userfile
=(char *) malloc(nreg
))==NULL
){
1438 fprintf(stderr
, "SARG: %s (%ld):\n",text
[59],nreg
);
1442 bzero(userfile
,nreg
);
1443 sprintf(userfile
,":");
1445 while(fgets(buf
,255,fp_usr
)!=NULL
){
1446 getword(user
,buf
,':');
1447 strncat(userfile
,user
,strlen(user
));
1448 strncat(userfile
,":",1);
1457 void gethexclude(char *hexfile
, int debug
)
1463 unsigned long int nreg
=0;
1466 sprintf(Msg
,"%s: %s",text
[67],hexfile
);
1470 if ((fp_ex
= fopen(hexfile
, "r")) == NULL
) {
1471 fprintf(stderr
, "SARG: (gethexclude) %s: %s - %s\n",text
[45],hexfile
,strerror(errno
));
1475 nreg
= lseek(fileno(fp_ex
), (off_t
)0, SEEK_END
);
1476 lseek(fileno(fp_ex
), (off_t
)0, 0);
1478 if((excludefile
=(char *) malloc(nreg
+11))==NULL
){
1479 fprintf(stderr
, "SARG: %s (%ld):\n",text
[59],nreg
);
1483 bzero(excludefile
,nreg
+11);
1485 while(fgets(buf
,255,fp_ex
)!=NULL
){
1486 if(strstr(buf
,"#") != 0)
1488 buf
[strlen(buf
)-1]='\0';
1489 strcat(excludefile
,buf
);
1490 strcat(excludefile
," ");
1493 strcat(excludefile
,"*FIM* ");
1501 void getuexclude(char *uexfile
, int debug
)
1507 unsigned long int nreg
=0;
1510 sprintf(Msg
,"%s: %s",text
[67],uexfile
);
1514 if ((fp_ex
= fopen(uexfile
, "r")) == NULL
) {
1515 fprintf(stderr
, "SARG: (gethexclude) %s: %s - %s\n",text
[45],uexfile
,strerror(errno
));
1519 nreg
= lseek(fileno(fp_ex
), (off_t
)0, SEEK_END
);
1520 lseek(fileno(fp_ex
), (off_t
)0, 0);
1522 if((excludeuser
=(char *) malloc(nreg
+11))==NULL
){
1523 fprintf(stderr
, "SARG: %s (%ld):\n",text
[59],nreg
);
1527 bzero(excludeuser
,nreg
+11);
1529 while(fgets(buf
,255,fp_ex
)!=NULL
){
1530 if(strstr(buf
,"#") != 0)
1532 buf
[strlen(buf
)-1]='\0';
1533 strcat(excludeuser
,buf
);
1534 strcat(excludeuser
," ");
1537 strcat(excludeuser
,"*FIM* ");