2 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
6 * please look at http://sarg.sourceforge.net/donations.php
8 * http://sourceforge.net/projects/sarg/forums/forum/363374
9 * ---------------------------------------------------------------------
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
27 #include "include/conf.h"
28 #include "include/defs.h"
30 #define REPORT_EVERY_X_LINES 5000
31 #define MAX_OPEN_USER_FILES 10
35 struct userfilestruct
*next
;
36 struct userinfostruct
*user
;
40 static char *userfile
=NULL
;
42 numlist weekdays
= { { 0, 1, 2, 3, 4, 5, 6 }, 7 };
43 numlist hours
= { { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
44 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 }, 24 };
46 static void getusers(const char *pwdfile
, int debug
);
48 int main(int argc
,char *argv
[])
59 ISACOL_Last
//last entry of the list !
67 ILF_Last
//last entry of the list !
70 FILE *fp_in
= NULL
, *fp_denied
=NULL
, *fp_authfail
=NULL
, *fp_log
=NULL
;
72 char sz_Download_Unsort
[ 20000 ] ;
73 FILE * fp_Download_Unsort
= NULL
;
85 char smartfilter
[MAXLEN
];
96 char hm
[15], hmf
[15], hmr
[15];
99 char hexclude
[MAXLEN
];
111 char start_hour
[128];
117 char user
[MAX_USER_LEN
];
118 enum InputLogFormat ilf
;
119 int ilf_count
[ILF_Last
];
131 int isa_ncols
=0,isa_cols
[ISACOL_Last
];
141 long int max_elapsed
=0;
144 unsigned long recs1
=0UL;
145 unsigned long recs2
=0UL;
146 int OutputNonZero
= REPORT_EVERY_X_LINES
;
148 char *download_url
=NULL
;
149 struct getwordstruct gwarea
;
150 struct longlinestruct line
;
151 struct userinfostruct
*uinfo
;
152 struct userfilestruct
*first_user_file
, *ufile
, *ufile1
, *prev_ufile
;
155 setlocale(LC_TIME
,"");
158 #if defined(ENABLE_NLS) && defined(HAVE_LOCALE_H)
159 setlocale (LC_ALL
, "");
160 bindtextdomain (PACKAGE_NAME
, LOCALEDIR
);
161 textdomain (PACKAGE_NAME
);
169 UserAgentLog
[0]='\0';
170 ExcludeHosts
[0]='\0';
171 ExcludeUsers
[0]='\0';
178 ExternalCSSFile
[0]='\0';
179 SquidGuardLogFormat
[0]='\0';
180 SquidGuardLogAlternate
[0]='\0';
181 for (ilf
=0 ; ilf
<ILF_Last
; ilf
++) ilf_count
[ilf
]=0;
183 sprintf(ExcludeCodes
,"%s/exclude_codes",SYSCONFDIR
);
184 strcpy(GraphDaysBytesBarColor
,"orange");
185 strcpy(BgColor
,"#ffffff");
186 strcpy(TxColor
,"#000000");
187 strcpy(TxBgColor
,"lavender");
188 strcpy(TiColor
,"darkblue");
191 strcpy(LogoTextColor
,"#000000");
192 strcpy(HeaderColor
,"darkblue");
193 strcpy(HeaderBgColor
,"#dddddd");
194 strcpy(LogoTextColor
,"#006699");
195 strcpy(FontSize
,"9px");
196 strcpy(TempDir
,"/tmp");
197 strcpy(OutputDir
,"/var/www/html/squid-reports");
199 strcpy(DateFormat
,"u");
202 strcpy(ReplaceIndex
,"index.html");
204 RecordsWithoutUser
=RECORDWITHOUTUSER_IP
;
206 strcpy(MailUtility
,"mailx");
210 strcpy(TopuserSortField
,"BYTES");
211 strcpy(UserSortField
,"BYTES");
212 strcpy(TopuserSortOrder
,"reverse");
213 strcpy(UserSortOrder
,"reverse");
214 strcpy(TopsitesSortField
,"CONNECT");
215 strcpy(TopsitesSortType
,"D");
217 strcpy(FontFace
,"Verdana,Tahoma,Arial");
218 strcpy(datetimeby
,"elap");
219 strcpy(CharSet
,"ISO-8859-1");
221 strcpy(PrivacyString
,"***.***.***.***");
222 strcpy(PrivacyStringColor
,"blue");
224 TopUserFields
=TOPUSERFIELDS_NUM
| TOPUSERFIELDS_DATE_TIME
| TOPUSERFIELDS_USERID
| TOPUSERFIELDS_CONNECT
|
225 TOPUSERFIELDS_BYTES
| TOPUSERFIELDS_SETYB
| TOPUSERFIELDS_IN_CACHE_OUT
|
226 TOPUSERFIELDS_USED_TIME
| TOPUSERFIELDS_MILISEC
| TOPUSERFIELDS_PTIME
|
227 TOPUSERFIELDS_TOTAL
| TOPUSERFIELDS_AVERAGE
;
228 UserReportFields
=USERREPORTFIELDS_CONNECT
| USERREPORTFIELDS_BYTES
| USERREPORTFIELDS_SETYB
|
229 USERREPORTFIELDS_IN_CACHE_OUT
| USERREPORTFIELDS_USED_TIME
| USERREPORTFIELDS_MILISEC
|
230 USERREPORTFIELDS_PTIME
| USERREPORTFIELDS_TOTAL
| USERREPORTFIELDS_AVERAGE
;
231 strcpy(DataFileDelimiter
,";");
232 DataFileFields
=DATA_FIELD_USER
| DATA_FIELD_DATE
| DATA_FIELD_TIME
| DATA_FIELD_URL
| DATA_FIELD_CONNECT
|
233 DATA_FIELD_BYTES
| DATA_FIELD_IN_CACHE
| DATA_FIELD_OUT_CACHE
| DATA_FIELD_ELAPSED
;
234 ShowReadStatistics
=1;
235 strcpy(IndexSortOrder
,"D");
238 strcpy(ParsedOutputLog
,"no");
239 strcpy(ParsedOutputLogCompress
,"/bin/gzip -f");
240 strcpy(DisplayedValues
,"abbreviation");
241 strcpy(HeaderFontSize
,"9px");
242 strcpy(TitleFontSize
,"11px");
243 strcpy(AuthUserFile
,"/usr/local/sarg/passwd");
244 strcpy(AuthName
,"SARG, Restricted Access");
245 strcpy(AuthType
,"basic");
246 strcpy(Require
,"require user admin %u");
247 set_download_suffix("7z,ace,arj,avi,bat,bin,bz2,bzip,cab,com,cpio,dll,doc,dot,exe,gz,iso,lha,lzh,mdb,mov,mp3,mpeg,mpg,mso,nrg,ogg,ppt,rar,rtf,shs,src,sys,tar,tgz,vcd,vob,wma,wmv,zip");
250 strcpy(GraphFont
,FONTDIR
"/DejaVuSans.ttf");
254 strcpy(Ulimit
,"20000");
255 NtlmUserFormat
=NTLMUSERFORMAT_DOMAINUSER
;
256 IndexTree
=INDEX_TREE_FILE
;
257 strcpy(RealtimeTypes
,"GET,PUT,CONNECT");
258 strcpy(RealtimeUnauthRec
,"show");
259 SquidguardIgnoreDate
=0;
260 DansguardianIgnoreDate
=0;
261 strcpy(DataFileUrl
,"ip");
262 strcpy(MaxElapsed
,"28800000");
263 BytesInSitesUsersReport
=0;
264 UserAuthentication
=0;
265 strcpy(LDAPHost
,"127.0.0.1");
267 LDAPProtocolVersion
=3;
270 LDAPBaseSearch
[0]='\0';
271 strcpy(LDAPFilterSearch
, "uid=%s");
272 strcpy(LDAPTargetAttr
, "cn");
296 UserInvalidChar
[0]='\0';
298 SquidGuardConf
[0]='\0';
299 DansGuardianConf
[0]='\0';
306 dansguardian_count
=0;
309 DeniedReportLimit
=10;
310 AuthfailReportLimit
=10;
311 DansGuardianReportLimit
=10;
312 SquidGuardReportLimit
=10;
313 DownloadReportLimit
=50;
325 realtime_access_log_lines
=1000;
331 bzero(IncludeUsers
, sizeof(IncludeUsers
));
332 bzero(ExcludeString
, sizeof(ExcludeString
));
333 first_user_file
=NULL
;
336 for(x
=0; x
<MAXLOGS
; x
++)
337 AccessLog
[x
][0]='\0';
338 AccessLogFromCmdLine
=0;
340 strcpy(Title
,_("Squid User Access Report"));
342 while((ch
= getopt(argc
, argv
, "a:b:c:d:e:f:g:u:l:L:o:s:t:w:hijmnprvxyz")) != -1){
349 strcpy(uagent
,optarg
);
352 strcpy(hexclude
,optarg
);
355 strncpy(date
,optarg
,sizeof(date
)-1);
356 date
[sizeof(date
)-1]='\0';
357 getword_start(&gwarea
,optarg
);
358 if (getword(cdfrom
,sizeof(cdfrom
),&gwarea
,'-')<0 || getword(cduntil
,sizeof(cduntil
),&gwarea
,0)<0) {
359 printf(_("SARG: The date range requested on the command line by option -d is invalid.\n"));
362 date_from(date
, cdfrom
, cduntil
);
364 duntil
=atoi(cduntil
);
367 strcpy(email
,optarg
);
370 strcpy(ConfigFile
,optarg
);
383 if (NAccessLog
>=MAXLOGS
) {
384 printf(_("SARG: Too many log files passed on command line with option -l.\n"));
387 strcpy(AccessLog
[NAccessLog
],optarg
);
389 AccessLogFromCmdLine
++;
392 strcpy(SquidGuardLogAlternate
,optarg
);
401 strcpy(outdir
,optarg
);
416 if(strstr(optarg
,"-") == 0) {
420 getword_start(&gwarea
,optarg
);
421 if (getword(hm
,sizeof(hm
),&gwarea
,'-')<0 || getword(hmf
,sizeof(hmf
),&gwarea
,0)<0) {
422 debuga(_("The time range passed on the command line with option -t is invalid"));
426 if(sscanf(hm
,"%d:%d",&h
,&m
)!=2) {
427 debuga(_("Time period must be MM or MM:SS. Exit"));
430 sprintf(hm
,"%02d%02d",h
,m
);
431 if(sscanf(hmf
,"%d:%d",&h
,&m
)!=2) {
432 debuga(_("Time period must be MM or MM:SS. Exit"));
435 sprintf(hmf
,"%02d%02d",h
,m
);
457 debuga(_("Option -%c require an argument"),optopt
);
473 if(debug
) debuga(_("Init"));
475 if(ConfigFile
[0] == '\0') sprintf(ConfigFile
,"%s/sarg.conf",SYSCONFDIR
);
476 if(access(ConfigFile
, R_OK
) != 0) {
477 debuga(_("Cannot open config file: %s - %s"),ConfigFile
,strerror(errno
));
481 if(access(ConfigFile
, R_OK
) == 0)
493 if(IndexTree
== INDEX_TREE_FILE
)
494 strcpy(ImageFile
,"../images");
496 strcpy(ImageFile
,"../../../images");
499 if(DataFile
[0] != '\0')
503 strcpy(AccessLog
[0],"/var/log/squid/access.log");
507 if(strcmp(hexclude
,"onvert") == 0 && strcmp(site
,"plit") != 0) {
508 convlog(AccessLog
[0], df
, dfrom
, duntil
);
512 if(strcmp(site
,"plit") == 0) {
513 splitlog(AccessLog
[0], df
, dfrom
, duntil
, hexclude
);
517 load_excludecodes(ExcludeCodes
);
519 if(access(PasswdFile
, R_OK
) == 0) {
520 getusers(PasswdFile
,debug
);
524 if(hexclude
[0] == '\0')
525 strcpy(hexclude
,ExcludeHosts
);
526 if(hexclude
[0] != '\0') {
527 gethexclude(hexclude
,debug
);
531 if(ReportType
== 0) {
532 ReportType
=REPORT_TYPE_TOPUSERS
| REPORT_TYPE_TOPSITES
| REPORT_TYPE_USERS_SITES
|
533 REPORT_TYPE_SITES_USERS
| REPORT_TYPE_DATE_TIME
| REPORT_TYPE_DENIED
|
534 REPORT_TYPE_AUTH_FAILURES
| REPORT_TYPE_SITE_USER_TIME_DATE
| REPORT_TYPE_DOWNLOADS
;
537 if(access(ExcludeUsers
, R_OK
) == 0) {
538 getuexclude(ExcludeUsers
,debug
);
547 if(strcmp(ExcludeUsers
,"indexonly") == 0) indexonly
++;
548 if(Index
== INDEX_ONLY
) indexonly
++;
550 if(MaxElapsed
[0] != '\0') max_elapsed
=atol(MaxElapsed
);
552 if(outdir
[0] == '\0') strcpy(outdir
,OutputDir
);
555 if(uagent
[0] == '\0') strcpy(uagent
,UserAgentLog
);
557 if(tmp
[0] == '\0') strcpy(tmp
,TempDir
);
558 else strcpy(TempDir
,tmp
);
560 if(df
[0] == '\0') strcpy(df
,DateFormat
);
561 else strcpy(DateFormat
,df
);
565 strcpy(DateFormat
,"u");
568 if(email
[0] == '\0' && OutputEmail
[0] != '\0') strcpy(email
,OutputEmail
);
572 if(email
[0] != '\0') {
573 sprintf(wtemp2
,"%s/sarg",tmp2
);
575 strcat(tmp2
,"/sarg");
580 strcat(tmp2
,"/sarg.log");
582 sprintf(tmp3
,"%s/sarg",tmp
);
583 if(access(tmp3
, R_OK
) == 0) {
590 strcat(tmp4
,"/denied.log.unsort");
591 strcat(tmp5
,"/denied.log");
592 strcat(tmp6
,"/authfail.log.unsort");
595 fprintf(stderr
, _("SARG: Parameters:\nSARG:\n"));
596 fprintf(stderr
, _("SARG: Hostname or IP address (-a) = %s\n"),addr
);
597 fprintf(stderr
, _("SARG: Useragent log (-b) = %s\n"),uagent
);
598 fprintf(stderr
, _("SARG: Exclude file (-c) = %s\n"),hexclude
);
599 fprintf(stderr
, _("SARG: Date from-until (-d) = %s\n"),date
);
600 fprintf(stderr
, _("SARG: Email address to send reports (-e) = %s\n"),email
);
601 fprintf(stderr
, _("SARG: Config file (-f) = %s\n"),ConfigFile
);
602 if(strcmp(df
,"e") == 0)
603 fprintf(stderr
, _("SARG: Date format (-g) = Europe (dd/mm/yyyy)\n"));
604 if(strcmp(df
,"u") == 0)
605 fprintf(stderr
, _("SARG: Date format (-g) = USA (mm/dd/yyyy)\n"));
606 if(strcmp(df
,"w") == 0)
607 fprintf(stderr
, _("SARG: Date format (-g) = Sites & Users (yyyy/ww)\n"));
608 fprintf(stderr
, _("SARG: IP report (-i) = %s\n"),(iprel
) ? _("Yes") : _("No"));
609 for (iarq
=0 ; iarq
<NAccessLog
; iarq
++)
610 fprintf(stderr
, _("SARG: Input log (-l) = %s\n"),AccessLog
[iarq
]);
611 fprintf(stderr
, _("SARG: Resolve IP Address (-n) = %s\n"),(Ip2Name
) ? _("Yes") : _("No"));
612 fprintf(stderr
, _("SARG: Output dir (-o) = %s\n"),outdir
);
613 fprintf(stderr
, _("SARG: Use Ip Address instead of userid (-p) = %s\n"),(UserIp
) ? _("Yes") : _("No"));
614 fprintf(stderr
, _("SARG: Accessed site (-s) = %s\n"),site
);
615 fprintf(stderr
, _("SARG: Time (-t) = %s\n"),hm
);
616 fprintf(stderr
, _("SARG: User (-u) = %s\n"),us
);
617 fprintf(stderr
, _("SARG: Temporary dir (-w) = %s\n"),tmp
);
618 fprintf(stderr
, _("SARG: Debug messages (-x) = %s\n"),(debug
) ? _("Yes") : _("No"));
619 fprintf(stderr
, _("SARG: Process messages (-z) = %s\n"),(debugz
) ? _("Yes") : _("No"));
620 fprintf(stderr
, _("SARG:\n"));
624 printf(_("Parameters:\n"));
625 printf(_(" Hostname or IP address (-a) = %s\n"),addr
);
626 printf(_(" Useragent log (-b) = %s\n"),uagent
);
627 printf(_(" Exclude file (-c) = %s\n"),hexclude
);
628 printf(_(" Date from-until (-d) = %s\n"),date
);
629 printf(_(" Email address to send reports (-e) = %s\n"),email
);
630 printf(_(" Config file (-f) = %s\n"),ConfigFile
);
631 if(strcmp(df
,"e") == 0)
632 printf(_(" Date format (-g) = Europe (dd/mm/yyyy)\n"));
633 if(strcmp(df
,"u") == 0)
634 printf(_(" Date format (-g) = USA (mm/dd/yyyy)\n"));
635 if(strcmp(df
,"w") == 0)
636 printf(_(" Date format (-g) = Sites & Users (yyyy/ww)\n"));
637 printf(_(" IP report (-i) = %s\n"),(iprel
) ? _("Yes") : _("No"));
638 for (iarq
=0 ; iarq
<NAccessLog
; iarq
++)
639 printf(_(" Input log (-l) = %s\n"),AccessLog
[iarq
]);
640 printf(_(" Resolve IP Address (-n) = %s\n"),(Ip2Name
) ? _("Yes") : _("No"));
641 printf(_(" Output dir (-o) = %s\n"),outdir
);
642 printf(_("Use Ip Address instead of userid (-p) = %s\n"),(UserIp
) ? _("Yes") : _("No"));
643 printf(_(" Accessed site (-s) = %s\n"),site
);
644 printf(_(" Time (-t) = %s\n"),hm
);
645 printf(_(" User (-u) = %s\n"),us
);
646 printf(_(" Temporary dir (-w) = %s\n"),tmp
);
647 printf(_(" Debug messages (-x) = %s\n"),(debug
) ? _("Yes") : _("No"));
648 printf(_(" Process messages (-z) = %s\n"),(debugz
) ? _("Yes") : _("No"));
649 printf(_("sarg version: %s\n"),VERSION
);
653 debuga(_("sarg version: %s"),VERSION
);
655 maxopenfiles
=MAX_OPEN_USER_FILES
;
657 if (Ulimit
[0] != '\0') {
662 #if defined(RLIMIT_NOFILE)
663 getrlimit (RLIMIT_NOFILE
, &rl
);
664 #elif defined(RLIMIT_OFILE)
665 getrlimit (RLIMIT_OFILE
, &rl
);
667 #warning "No rlimit resource for the number of open files"
672 rl
.rlim_cur
= atol(Ulimit
);
673 rl
.rlim_max
= atol(Ulimit
);
674 #if defined(RLIMIT_NOFILE)
675 rc
=setrlimit (RLIMIT_NOFILE
, &rl
);
676 #elif defined(RLIMIT_OFILE)
677 rc
=setrlimit (RLIMIT_OFILE
, &rl
);
679 #warning "No rlimit resource for the number of open files"
682 debuga(_("setrlimit error - %s\n"),strerror(errno
));
686 debuga("Maximum file descriptor: cur=%ld max=%ld, changed to cur="RLIM_STRING
" max="RLIM_STRING
,l1
,l2
,rl
.rlim_cur
,rl
.rlim_max
);
690 init_usertab(UserTabFile
);
692 if (longline_prepare(&line
)<0) {
693 debuga(_("Not enough memory to read a log file"));
697 sprintf ( sz_Download_Unsort
, "%s/sarg/download.unsort", tmp
);
699 if((ReportType
& REPORT_TYPE_DENIED
) != 0) {
700 if((fp_denied
=MY_FOPEN(tmp4
,"w"))==NULL
) {
701 debuga(_("SARG: (log) Cannot open file: %s - %s"),tmp4
,strerror(errno
));
706 if(DataFile
[0]=='\0') {
707 if((ReportType
& REPORT_TYPE_DENIED
) != 0 || (ReportType
& REPORT_TYPE_AUTH_FAILURES
) != 0) {
708 if((fp_authfail
=MY_FOPEN(tmp6
,"w"))==NULL
) {
709 debuga(_("SARG: (log) Cannot open file: %s - %s"),tmp6
,strerror(errno
));
715 for (iarq
=0 ; iarq
<NAccessLog
; iarq
++) {
716 strcpy(arq
,AccessLog
[iarq
]);
720 if(strcmp(arq
,"-")==0) {
722 debuga(_("Reading access log file: from stdin"));
728 debuga(_("Reading access log file: %s"),arq
);
729 if((fp_in
=MY_FOPEN(arq
,"r"))==NULL
) {
730 debuga(_("SARG: (log) Cannot open log file: %s - %s"),arq
,strerror(errno
));
737 // pre-read the file only if we have to show stats
738 if(ShowReadStatistics
&& !from_stdin
) {
745 while ((nread
=fread(line
.buffer
,1,line
.size
,fp_in
))>0) {
746 for (i
=0 ; i
<nread
; i
++)
748 if (line
.buffer
[i
]!='\n' && line
.buffer
[i
]!='\r') {
752 if (line
.buffer
[i
]=='\n' || line
.buffer
[i
]=='\r') {
759 printf(_("SARG: Records in file: %lu, reading: %3.2f%%\r"),recs1
,(float) 0);
767 while ((linebuf
=longline_read(fp_in
,&line
))!=NULL
) {
768 blen
=strlen(linebuf
);
770 if (ilf
==ILF_Unknown
) {
771 if(strncmp(linebuf
,"#Software: Mic",14) == 0) {
772 fixendofline(linebuf
);
774 debuga(_("Log is from Microsoft ISA: %s"),linebuf
);
780 if(strncmp(linebuf
,"*** SARG Log ***",16) == 0) {
781 getword_start(&gwarea
,arqtt
);
782 if (getword_skip(2000,&gwarea
,'-')<0 || getword(val2
,sizeof(val2
),&gwarea
,'_')<0 ||
783 getword_skip(10,&gwarea
,'-')<0 || getword(val3
,sizeof(val3
),&gwarea
,'_')<0) {
784 printf("SARG: The name of the file is invalid: %s\n",arq
);
787 sprintf(period
,"%s-%s",val2
,val3
);
794 if(!fp_log
&& strcmp(ParsedOutputLog
, "no") != 0 && ilf
!=ILF_Sarg
) {
795 if(access(ParsedOutputLog
,R_OK
) != 0) {
796 my_mkdir(ParsedOutputLog
);
798 sprintf(arq_log
,"%s/sarg_temp.log",ParsedOutputLog
);
799 if((fp_log
=MY_FOPEN(arq_log
,"w"))==NULL
) {
800 debuga(_("SARG: (log) Cannot open log file: %s - %s"),arq_log
,strerror(errno
));
803 fputs("*** SARG Log ***\n",fp_log
);
807 if( ShowReadStatistics
&& !from_stdin
&& ! --OutputNonZero
) {
809 perc
= perc
/ recs1
;
810 printf("SARG: Records in file: %lu, reading: %3.2f%%\r",recs1
,perc
);
812 OutputNonZero
= REPORT_EVERY_X_LINES
;
814 if(blen
< 58) continue;
815 if(strstr(linebuf
,"HTTP/0.0") != 0) continue;
816 if(strstr(linebuf
,"logfile turned over") != 0) continue;
817 if(linebuf
[0] == ' ') continue;
819 // Record only hours usage which is required
820 tt
= (time_t) strtoul( linebuf
, NULL
, 10 );
821 t
= localtime( &tt
);
823 if( bsearch( &( t
-> tm_wday
), weekdays
.list
, weekdays
.len
,
824 sizeof( int ), compar
) == NULL
)
827 if( bsearch( &( t
-> tm_hour
), hours
.list
, hours
.len
,
828 sizeof( int ), compar
) == NULL
)
832 if(ExcludeString
[0] != '\0') {
834 getword_start(&gwarea
,ExcludeString
);
835 while(strchr(gwarea
.current
,':') != 0) {
836 if (getword_multisep(val1
,sizeof(val1
),&gwarea
,':')<0) {
837 debuga(_("Maybe you have a broken record or garbage in your exclusion string"));
840 if((str
=(char *) strstr(linebuf
,val1
)) != (char *) NULL
)
843 if((str
=(char *) strstr(linebuf
,gwarea
.current
)) != (char *) NULL
)
845 if(exstring
) continue;
850 printf("BUF=%s\n",linebuf
);
852 if (ilf
==ILF_Squid
|| ilf
==ILF_Common
|| ilf
==ILF_Unknown
) {
853 getword_start(&gwarea
,linebuf
);
854 if (getword(data
,sizeof(data
),&gwarea
,' ')<0) {
855 printf("SARG: Maybe you have a broken time in your access.log file.\n");
858 if((str
=(char *) strchr(data
, '.')) != (char *) NULL
) {
859 if((str
=(char *) strchr(str
+1, '.')) != (char *) NULL
) {
863 if (getword(user
,sizeof(user
),&gwarea
,' ')<0 || getword_skip(255,&gwarea
,' ')<0) {
864 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
868 if (getword_skip(255,&gwarea
,' ')<0 || getword(user
,sizeof(user
),&gwarea
,' ')<0) {
869 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
873 if (getword(data
,sizeof(data
),&gwarea
,']')<0 || getword_skip(MAXLEN
,&gwarea
,'"')<0 ||
874 getword(fun
,sizeof(fun
),&gwarea
,' ')<0) {
875 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
878 if (getword_ptr(linebuf
,&url
,&gwarea
,' ')<0) {
879 debuga(_("Maybe you have a broken url in your %s file"),arq
);
882 if (getword_skip(MAXLEN
,&gwarea
,' ')<0 || getword(code2
,sizeof(code2
),&gwarea
,' ')<0 ||
883 getword(tam
,sizeof(tam
),&gwarea
,' ')<0) {
884 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
887 if((str
=(char *) strchr(gwarea
.current
, ' ')) != (char *) NULL
) {
888 if (getword(code
,sizeof(code
),&gwarea
,' ')<0) {
889 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
893 if (getword(code
,sizeof(code
),&gwarea
,'\0')<0) {
894 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
899 if ((str
= strchr(code
, ':')) != NULL
)
902 if(strcmp(tam
,"\0") == 0)
910 if(ilf
==ILF_Unknown
|| ilf
==ILF_Squid
) {
911 if (getword(elap
,sizeof(elap
),&gwarea
,' ')<0) {
912 printf("SARG: Maybe you have a broken elapsed time in your %s file.\n",arq
);
915 while(strcmp(elap
,"") == 0 && gwarea
.current
[0] != '\0')
916 if (getword(elap
,sizeof(elap
),&gwarea
,' ')<0) {
917 printf("SARG: Maybe you have a broken elapsed time in your %s file.\n",arq
);
920 if(strlen(elap
) < 1) continue;
921 if (getword(ip
,sizeof(ip
),&gwarea
,' ')<0){
922 printf("SARG: Maybe you have a broken client IP address in your %s file.\n",arq
);
925 if (getword(code
,sizeof(code
),&gwarea
,' ')<0){
926 printf("SARG: Maybe you have a broken result code in your %s file.\n",arq
);
929 if (getword(tam
,sizeof(tam
),&gwarea
,' ')<0){
930 printf("SARG: Maybe you have a broken amount of data in your %s file.\n",arq
);
933 if (getword(fun
,sizeof(fun
),&gwarea
,' ')<0){
934 printf("SARG: Maybe you have a broken request method in your %s file.\n",arq
);
937 if (getword_ptr(linebuf
,&url
,&gwarea
,' ')<0){
938 debuga(_("Maybe you have a broken url in your %s file"),arq
);
941 if (getword(user
,sizeof(user
),&gwarea
,' ')<0){
942 printf("SARG: Maybe you have a broken user ID in your %s file.\n",arq
);
950 getword_start(&gwarea
,linebuf
);
951 if (getword(data
,sizeof(data
),&gwarea
,'\t')<0){
952 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
955 if (getword(hora
,sizeof(hora
),&gwarea
,'\t')<0) {
956 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
959 if (getword(user
,sizeof(user
),&gwarea
,'\t')<0) {
960 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
963 if (getword(ip
,sizeof(ip
),&gwarea
,'\t')<0) {
964 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
967 if (getword_ptr(linebuf
,&url
,&gwarea
,'\t')<0){
968 debuga(_("Maybe you have a broken record or garbage in your %s file"),arq
);
971 if (getword(tam
,sizeof(tam
),&gwarea
,'\t')<0){
972 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
975 if (getword(code
,sizeof(code
),&gwarea
,'\t')<0){
976 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
979 if (getword(elap
,sizeof(elap
),&gwarea
,'\t')<0){
980 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
983 if (getword(smartfilter
,sizeof(smartfilter
),&gwarea
,'\0')<0){
984 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
989 if (linebuf
[0] == '#') {
990 int ncols
,cols
[ISACOL_Last
];
992 fixendofline(linebuf
);
993 getword_start(&gwarea
,linebuf
);
994 // remove the #Fields: column at the beginning of the line
995 if (getword_skip(1000,&gwarea
,' ')<0){
996 debuga(_("Maybe you have a broken record or garbage in your %s file"),arq
);
999 for (ncols
=0 ; ncols
<ISACOL_Last
; ncols
++) cols
[ncols
]=-1;
1001 while(gwarea
.current
[0] != '\0') {
1002 if (getword(val1
,sizeof(val1
),&gwarea
,'\t')<0){
1003 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",arq
);
1006 if(strcmp(val1
,"c-ip") == 0) cols
[ISACOL_Ip
]=ncols
;
1007 if(strcmp(val1
,"cs-username") == 0) cols
[ISACOL_UserName
]=ncols
;
1008 if(strcmp(val1
,"date") == 0) cols
[ISACOL_Date
]=ncols
;
1009 if(strcmp(val1
,"time") == 0) cols
[ISACOL_Time
]=ncols
;
1010 if(strcmp(val1
,"time-taken") == 0) cols
[ISACOL_TimeTaken
]=ncols
;
1011 if(strcmp(val1
,"sc-bytes") == 0) cols
[ISACOL_Bytes
]=ncols
;
1012 if(strcmp(val1
,"cs-uri") == 0) cols
[ISACOL_Uri
]=ncols
;
1013 if(strcmp(val1
,"sc-status") == 0) cols
[ISACOL_Status
]=ncols
;
1016 if (cols
[ISACOL_Ip
]>=0) {
1018 for (ncols
=0 ; ncols
<ISACOL_Last
; ncols
++)
1019 isa_cols
[ncols
]=cols
[ncols
];
1023 if (!isa_ncols
) continue;
1024 getword_start(&gwarea
,linebuf
);
1025 for (x
=0 ; x
<isa_ncols
; x
++) {
1026 if (getword_ptr(linebuf
,&str
,&gwarea
,'\t')<0) {
1027 debuga(_("Maybe you have a broken record or garbage in your %s file"),arq
);
1030 if (x
==isa_cols
[ISACOL_Ip
]) {
1031 if (strlen(str
)>=sizeof(ip
)) {
1032 debuga(_("Maybe you have a broken IP in your %s file"),arq
);
1036 } else if (x
==isa_cols
[ISACOL_UserName
]) {
1037 if (strlen(str
)>=sizeof(user
)) {
1038 debuga(_("Maybe you have a broken user in your %s file"),arq
);
1042 } else if (x
==isa_cols
[ISACOL_Date
]) {
1043 if (strlen(str
)>=sizeof(data
)) {
1044 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1048 } else if (x
==isa_cols
[ISACOL_Time
]) {
1049 if (strlen(str
)>=sizeof(hora
)) {
1050 debuga(_("Maybe you have a broken time in your %s file"),arq
);
1054 } else if (x
==isa_cols
[ISACOL_TimeTaken
]) {
1055 if (strlen(str
)>=sizeof(elap
)) {
1056 debuga(_("Maybe you have a broken download duration in your %s file"),arq
);
1060 } else if (x
==isa_cols
[ISACOL_Bytes
]) {
1061 if (strlen(str
)>=sizeof(tam
)) {
1062 debuga(_("Maybe you have a broken download size in your %s file"),arq
);
1066 } else if (x
==isa_cols
[ISACOL_Uri
]) {
1068 } else if (x
==isa_cols
[ISACOL_Status
]) {
1069 if (strlen(str
)>=sizeof(code
)) {
1070 debuga(_("Maybe you have a broken access code in your %s file"),arq
);
1077 if(strcmp(code
,"401") == 0 || strcmp(code
,"403") == 0 || strcmp(code
,"407") == 0) {
1078 sprintf(val1
,"DENIED/%s",code
);
1081 getword_start(&gwarea
,data
);
1082 if (getword(ano
,sizeof(ano
),&gwarea
,'-')<0){
1083 debuga(_("Maybe you have a broken record or garbage in your %s file"),arq
);
1086 if (getword(mes
,sizeof(mes
),&gwarea
,'-')<0){
1087 debuga(_("Maybe you have a broken record or garbage in your %s file"),arq
);
1090 if (getword(dia
,sizeof(dia
),&gwarea
,'\0')<0){
1091 debuga(_("Maybe you have a broken record or garbage in your %s file"),arq
);
1094 conv_month_name(mes
);
1095 sprintf(data
," %s/%s/%s:%s",dia
,mes
,ano
,hora
);
1098 if(ilf
==ILF_Squid
) {
1102 strftime(tbuf2
, sizeof(tbuf2
), "%H%M", t
);
1103 sprintf(mes
,"%d",t
->tm_mon
+1);
1104 conv_month_name(mes
);
1105 if(strncmp(df
,"u",1) == 0)
1106 sprintf(tbuf
, "%04d%s%02d", t
->tm_year
+1900, mes
, t
->tm_mday
);
1107 if(strncmp(df
,"e",1) == 0)
1108 sprintf(tbuf
, "%02d%s%04d", t
->tm_mday
, mes
, t
->tm_year
+1900);
1109 if(strncmp(df
,"w",1) == 0) {
1110 IndexTree
=INDEX_TREE_FILE
;
1111 strftime(tbuf
, sizeof(tbuf
), "%Y.%U", t
);
1114 strftime(wdata
, sizeof(wdata
), "%Y%m%d", t
);
1117 if(strncmp(df
,"u",1)==0)
1118 strftime(dia
, sizeof(dia
), "%m/%d/%Y", t
);
1120 strftime(dia
, sizeof(dia
), "%d/%m/%Y", t
);
1121 sprintf(hora
,"%02d:%02d:%02d",t
->tm_hour
,t
->tm_min
,t
->tm_sec
);
1122 } else if(ilf
==ILF_Common
|| ilf
==ILF_Isa
) {
1123 getword_start(&gwarea
,data
+1);
1124 if (getword_multisep(data
,sizeof(data
),&gwarea
,':')<0){
1125 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1128 if (getword_multisep(hora
,sizeof(hora
),&gwarea
,' ')<0){
1129 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1132 getword_start(&gwarea
,data
);
1133 if (getword(dia
,sizeof(dia
),&gwarea
,'/')<0){
1134 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1137 if (getword(mes
,sizeof(mes
),&gwarea
,'/')<0){
1138 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1141 if (getword(ano
,sizeof(ano
),&gwarea
,'/')<0){
1142 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1146 if(strcmp(df
,"u") == 0)
1147 snprintf(tbuf
,sizeof(tbuf
),"%s%s%s",ano
,mes
,dia
);
1148 if(strcmp(df
,"e") == 0)
1149 snprintf(tbuf
,sizeof(tbuf
),"%s%s%s",dia
,mes
,ano
);
1150 builddia(dia
,mes
,ano
,df
,wdata
);
1152 } else if (ilf
==ILF_Sarg
) {
1153 getword_start(&gwarea
,data
);
1154 if(strcmp(df
,"u") == 0) {
1155 if (getword(mes
,sizeof(mes
),&gwarea
,'/')<0){
1156 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1159 if (getword(dia
,sizeof(dia
),&gwarea
,'/')<0){
1160 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1164 if (getword(dia
,sizeof(dia
),&gwarea
,'/')<0){
1165 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1168 if (getword(mes
,sizeof(mes
),&gwarea
,'/')<0){
1169 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1173 if (getword(ano
,sizeof(ano
),&gwarea
,0)<0){
1174 debuga(_("Maybe you have a broken date in your %s file"),arq
);
1177 snprintf(wdata
,9,"%s%s%s",ano
,mes
,dia
);
1182 printf("DATE=%s IDATA=%d DFROM=%d DUNTIL=%d\n",date
,idata
,dfrom
,duntil
);
1184 if(date
[0] != '\0'){
1185 if(idata
< dfrom
|| idata
> duntil
) continue;
1188 if(strlen(user
) > MAX_USER_LEN
) {
1189 if (debugm
) printf(_("User ID too long: %s\n"),user
);
1195 if(IncludeUsers
[0] != '\0') {
1196 sprintf(val1
,":%s:",user
);
1197 if((str
=(char *) strstr(IncludeUsers
,val1
)) == (char *) NULL
)
1202 if (debugm
) printf(_("Excluded code: %s\n"),code
);
1207 if(testvaliduserchar(user
))
1211 if((str
= strstr(user
,"%20")) != NULL
) {
1213 This is a patch introduced to solve bug #1624251 reported at sourceforge but
1214 the side effect is to truncate the name at the first space and merge the reports
1215 of people whose name is identical up to the first space.
1217 The old code used to truncate the user name at the first % if a %20 was
1218 found anywhere in the string. That means the string could be truncated
1219 at the wrong place if another % occured before the %20. This new code should
1220 avoid that problem and only truncate at the space. There is no bug
1221 report indicating that anybody noticed this.
1227 Code prior to 2.2.7 used to replace any %xx by a dot as long as a %5c was
1228 found in the user name.
1230 while((str
= strstr(user
,"%5c")) != NULL
) {
1232 for (x
=3 ; str
[x
] ; x
++) str
[x
-2]=str
[x
];
1240 The full URL is not saved in sarg log. There is no point in testing the URL to detect
1243 download_flag
=is_download_suffix(url
);
1244 if (download_flag
) {
1251 // remove any protocol:// at the beginning of the URL
1252 if ((str
= strchr(url
,'/')) != NULL
&& str
[1] == '/') {
1256 for (i
=0 ; str
[i
] ; i
++)
1264 for (i
=0 ; i
<sizeof(hostname
)-1 && url
[i
] && url
[i
]!='/' ; i
++)
1270 if(url
[0] == '\0') continue;
1272 if(addr
[0] != '\0'){
1273 if(strcmp(addr
,ip
)!=0) continue;
1276 if(!vhexclude(url
)) {
1277 if (debugm
) printf(_("Excluded site: %s\n"),url
);
1286 getword_start(&gwarea
,hora
);
1288 if (getword_multisep(warea
,sizeof(warea
),&gwarea
,':')<0){
1289 debuga(_("Maybe you have a broken time in your %s file"),arq
);
1292 strncat(hmr
,warea
,2);
1295 strncat(hmr
,gwarea
.current
,2);
1297 if(atoi(hmr
) < atoi(hm
) || atoi(hmr
) > atoi(hmf
)) continue;
1300 if(site
[0] != '\0'){
1301 if(strstr(url
,site
)==0) continue;
1309 if(strcmp(user
,"-") == 0 || strcmp(user
," ") == 0 || strcmp(user
,"") == 0) {
1310 if(RecordsWithoutUser
== RECORDWITHOUTUSER_IP
) {
1314 if(RecordsWithoutUser
== RECORDWITHOUTUSER_IGNORE
)
1316 if(RecordsWithoutUser
== RECORDWITHOUTUSER_EVERYBODY
)
1317 strcpy(user
,"everybody");
1320 if(NtlmUserFormat
== NTLMUSERFORMAT_USER
) {
1321 if((str
= strchr(user
,'_')) != 0) {
1322 strcpy(warea
,str
+1);
1325 if((str
= strchr(user
,'+')) != 0) {
1326 strcpy(warea
,str
+1);
1334 if(strcmp(user
,us
)!=0) continue;
1338 sprintf(wuser
,":%s:",user
);
1339 if(strstr(userfile
, wuser
) == 0)
1344 if(!vuexclude(user
)) {
1345 if (debugm
) printf(_("Excluded user: %s\n"),user
);
1351 if(strcmp(user
,"-") ==0 || strcmp(user
," ") ==0 || strcmp(user
,"") ==0 || strcmp(user
,":") ==0)
1355 if(atol(elap
)>max_elapsed
) {
1361 if((str
=(char *) strstr(linebuf
, "[SmartFilter:")) != (char *) NULL
) {
1363 sprintf(smartfilter
,"\"%s\"",str
+1);
1364 } else sprintf(smartfilter
,"\"\"");
1368 for (ufile
=first_user_file
; ufile
&& strcmp(user
,ufile
->user
->id
)!=0 ; ufile
=ufile
->next
) {
1370 if (ufile
->file
) nopen
++;
1373 ufile
=malloc(sizeof(*ufile
));
1375 debuga(_("Not enough memory to store the user %s"),user
);
1378 memset(ufile
,0,sizeof(*ufile
));
1379 ufile
->next
=first_user_file
;
1380 first_user_file
=ufile
;
1381 uinfo
=userinfo_create(user
);
1383 uinfo
->id_is_ip
=id_is_ip
;
1386 prev_ufile
->next
=ufile
->next
;
1387 ufile
->next
=first_user_file
;
1388 first_user_file
=ufile
;
1392 if (ufile
->file
==NULL
) {
1393 if (nopen
>=maxopenfiles
) {
1395 for (ufile1
=first_user_file
; ufile1
; ufile1
=ufile1
->next
) {
1396 if (ufile1
->file
!=NULL
) {
1397 if (x
>=maxopenfiles
) {
1398 fclose(ufile1
->file
);
1405 if (snprintf (tmp3
, sizeof(tmp3
), "%s/sarg/%s.unsort", tmp
, ufile
->user
->filename
)>=sizeof(tmp3
)) {
1406 debuga(_("Temporary user file name too long: %s/sarg/%s.unsort"), tmp
, ufile
->user
->filename
);
1409 if ((ufile
->file
= MY_FOPEN (tmp3
, "a")) == NULL
) {
1410 fprintf (stderr
, "%s: (log) %s: %s - %s\n", argv
[0], _("Cannot open temporary file"), tmp3
, strerror(errno
));
1415 /*if ( strcmp ( user , sz_Last_User ) != 0 ) {
1416 if ( fp_Write_User )
1417 fclose( fp_Write_User ) ;
1418 sprintf (tmp3, "%s/sarg/%s.unsort", tmp, user);
1420 if ((fp_Write_User = MY_FOPEN (tmp3, "a")) == NULL) {
1421 fprintf (stderr, "%s: (log) %s: %s - %s\n", argv[0], _("Cannot open temporary file"), tmp3, strerror(errno));
1424 strcpy( sz_Last_User , user ) ;
1426 fprintf(ufile
->file
, "%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n",dia
,hora
,ip
,url
,tam
,code
,elap
,smartfilter
);
1428 if(fp_log
&& ilf
!=ILF_Sarg
)
1429 fprintf(fp_log
, "%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n",dia
,hora
,user
,ip
,url
,tam
,code
,elap
,smartfilter
);
1433 if(download_flag
&& download_url
&& strstr(code
,"DENIED") == 0) {
1436 if ( ! fp_Download_Unsort
) {
1437 if ((fp_Download_Unsort
= MY_FOPEN ( sz_Download_Unsort
, "a")) == NULL
) {
1438 fprintf (stderr
, "%s: (log) %s: %s - %s\n", argv
[0], _("Cannot open temporary file"), tmp3
, strerror(errno
));
1442 fprintf(fp_Download_Unsort
,"%s\t%s\t%s\t%s\t%s\n",dia
,hora
,user
,ip
,download_url
);
1445 if((ReportType
& REPORT_TYPE_DENIED
) != 0 || (ReportType
& REPORT_TYPE_AUTH_FAILURES
) != 0) {
1446 if(strstr(code
,"DENIED/403") != 0) {
1447 fprintf(fp_denied
, "%s\t%s\t%s\t%s\t%s\n",dia
,hora
,user
,ip
,urly
);
1450 if(strstr(code
,"DENIED/401") != 0 || strstr(code
,"DENIED/407") != 0) {
1452 fprintf(fp_authfail
, "%s\t%s\t%s\t%s\t%s\n",dia
,hora
,user
,ip
,urly
);
1457 if((!totper
|| idata
<mindate
) && ilf
!=ILF_Sarg
){
1460 sprintf(period
,"%s-",tbuf
);
1461 strcpy(start_hour
,tbuf2
);
1463 fixper(tbuf
, period
, cduntil
);
1465 debugaz("tbuf",tbuf
);
1466 debugaz("period",period
);
1471 printf("IP=\t%s\n",ip
);
1472 printf("USER=\t%s\n",user
);
1473 printf("ELAP=\t%s\n",elap
);
1474 printf("DATE=\t%s\n",dia
);
1475 printf("TIME=\t%s\n",hora
);
1476 printf("FUNC=\t%s\n",fun
);
1477 printf("URL=\t%s\n",url
);
1478 printf("CODE=\t%s\n",code
);
1479 printf("LEN=\t%s\n",tam
);
1484 if( ShowReadStatistics
)
1485 printf("SARG: Records in file: %lu, reading: %3.2f%%\n",recs1
, (float) 100 );
1489 longline_free(&line
);
1490 if ( fp_Download_Unsort
)
1491 fclose (fp_Download_Unsort
);
1493 for (ufile
=first_user_file
; ufile
; ufile
=ufile1
) {
1495 if (ufile
->file
!=NULL
) fclose(ufile
->file
);
1500 free_excludecodes();
1506 for (ilf
=0 ; ilf
<ILF_Last
; ilf
++) totalcount
+=ilf_count
[ilf
];
1508 debuga(" %s: %ld, %s: %ld, %s: %ld",_("Records read"),totregsl
,_("written"),totregsg
,_("excluded"),totregsx
);
1510 if(ilf_count
[ILF_Common
]>0 && ilf_count
[ILF_Squid
]>0)
1511 debuga("%s",_("Log with mixed records format (squid and common log)"));
1513 if(ilf_count
[ILF_Common
]>0 && ilf_count
[ILF_Squid
]==0)
1514 debuga("%s",_("Common log format"));
1516 if(ilf_count
[ILF_Common
]==0 && ilf_count
[ILF_Squid
]>0)
1517 debuga("%s",_("Squid log format"));
1519 if(ilf_count
[ILF_Sarg
]>0)
1520 debuga("%s",_("Sarg log format"));
1524 fprintf(stderr
, "SARG: %s\n",_("No records found"));
1525 fprintf(stderr
, "SARG: %s\n",_("End"));
1526 } else fprintf(stderr
, "SARG: %s\n",_("Log with invalid format"));
1530 fclose(fp_authfail
);
1543 fprintf(stderr
, "SARG: %s\n",_("No records found"));
1544 fprintf(stderr
, "SARG: %s\n",_("End"));
1549 fclose(fp_authfail
);
1557 if(date
[0] == '\0' && ilf_count
[ILF_Sarg
]==0) {
1558 strcat(period
,tbuf
);
1562 debugaz("data",dia
);
1563 debugaz("tbuf",tbuf
);
1564 debugaz("period",period
);
1568 debuga("%s: %s",_("Period"),period
);
1574 fclose(fp_authfail
);
1576 if(fp_log
!= NULL
) {
1578 strcpy(end_hour
,tbuf2
);
1579 getword_start(&gwarea
,period
);
1580 if (getword(val2
,sizeof(val2
),&gwarea
,'-')<0){
1581 printf("SARG: Maybe you have a broken date range definition.\n");
1584 if (getword(val1
,sizeof(val1
),&gwarea
,'\0')<0){
1585 printf("SARG: Maybe you have a broken date range definition.\n");
1588 sprintf(val4
,"%s/sarg-%s_%s-%s_%s.log",ParsedOutputLog
,val2
,start_hour
,val1
,end_hour
);
1589 if (rename(arq_log
,val4
)) {
1590 fprintf(stderr
,"SARG: failed to rename %s to %s - %s\n",arq_log
,val4
,strerror(errno
));
1592 strcpy(arq_log
,val4
);
1594 if(strcmp(ParsedOutputLogCompress
,"nocompress") != 0 && ParsedOutputLogCompress
[0] != '\0') {
1596 No double quotes around ParsedOutputLogCompress because it may contain command line options. If double quotes are
1597 necessary around the command name, put them in the configuration file.
1599 sprintf(val1
,"%s \"%s\"",ParsedOutputLogCompress
,arq_log
);
1600 cstatus
=system(val1
);
1601 if (!WIFEXITED(cstatus
) || WEXITSTATUS(cstatus
)) {
1602 fprintf(stderr
, "SARG: command return status %d\n",WEXITSTATUS(cstatus
));
1603 fprintf(stderr
, "SARG: command: %s\n",val1
);
1609 debuga("%s %s",_("Sarg parsed log saved as"),arq_log
);
1612 if((ReportType
& REPORT_TYPE_DENIED
) != 0) {
1613 sprintf(csort
,"sort -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"",tmp
,tmp5
,tmp4
);
1614 cstatus
=system(csort
);
1615 if (!WIFEXITED(cstatus
) || WEXITSTATUS(cstatus
)) {
1616 fprintf(stderr
, "SARG: sort command return status %d\n",WEXITSTATUS(cstatus
));
1617 fprintf(stderr
, "SARG: sort command: %s\n",csort
);
1623 sort_users_log(tmp
, debug
);
1625 if(DataFile
[0] != '\0')
1631 if((ReportType
& REPORT_TYPE_DENIED
) != 0)
1634 if(zip
[0] != '\0' && strcmp(zip
,"zcat") !=0) {
1637 // else unlink(arq);
1639 if(strcmp(tmp
,"/tmp") != 0) {
1649 debuga("%s",_("End"));
1656 static void getusers(const char *pwdfile
, int debug
)
1665 debuga("%s: %s",_("Loading password file from"),pwdfile
);
1667 if ((fp_usr
= fopen(pwdfile
, "r")) == NULL
) {
1668 fprintf(stderr
, "SARG: (getusers) %s: %s - %s\n",_("Cannot open file"),pwdfile
,strerror(errno
));
1672 fseek(fp_usr
, 0, SEEK_END
);
1673 nreg
= ftell(fp_usr
);
1675 printf("SARG: Cannot get the size of file %s",pwdfile
);
1679 fseek(fp_usr
, 0, SEEK_SET
);
1681 if((userfile
=(char *) malloc(nreg
))==NULL
){
1682 fprintf(stderr
, "SARG: %s (%ld):\n",_("malloc error"),nreg
);
1686 bzero(userfile
,nreg
);
1687 strcpy(userfile
,":");
1689 while(fgets(buf
,sizeof(buf
),fp_usr
)!=NULL
) {
1690 str
=strchr(buf
,':');
1692 printf("SARG: You have an invalid user in your %s file.\n",pwdfile
);
1696 strcat(userfile
,buf
);