# sarg.conf
#
-# TAG: language
-# Available languages:
-# Bulgarian_windows1251
-# Catalan
-# Czech
-# Czech_UTF8
-# Dutch
-# English
-# French
-# German
-# Greek
-# Hungarian
-# Indonesian
-# Italian
-# Japanese
-# Latvian
-# Polish
-# Portuguese
-# Romanian
-# Russian_koi8
-# Russian_UTF-8
-# Russian_windows1251
-# Serbian
-# Slovak
-# Spanish
-# Turkish
-#
-#language English
-
# TAG: access_log file
# Where is the access.log file
# sarg -l file
#graphs yes
#graph_days_bytes_bar_color orange
+# TAG: graph_font
+# The full path to the TTF font file to use to create the graphs. It is required
+# if graphs is set to yes.
+#
+#graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
+
# TAG: title
# Especify the title for html page.
#
# TAG: exclude_hosts file
# Hosts, domains or subnets will be excluded from reports.
#
-# Eg.: 192.168.10.10 - exclude ip address only
-# 192.168.10.0 - exclude full C class
-# s1.acme.foo - exclude hostname only
-# acme.foo - exclude full domain name
+# Eg.: 192.168.10.10 - exclude ip address only
+# 192.168.10.0/24 - exclude full C class
+# s1.acme.foo - exclude hostname only
+# *.acme.foo - exclude full domain name
#
#exclude_hosts none
# TAG: exclude_codes file
# Ignore records with these codes. Eg.: NONE/400
+# Write one code per line. Lines starting with a # are ignored.
+# Only codes matching exactly one of the line is rejected. The
+# comparison is not case sensitive.
#
#exclude_codes /usr/local/sarg/exclude_codes
# TAG: usertab filename
# You can change the "userid" or the "ip address" to be a real user name on the reports.
+# If resolve_ip is active, the ip address is resolved before being looked up into this
+# file. That is, if you want to map the ip address, be sure to set resolv_ip to no or
+# the resolved name will be looked into the file instead of the ip address. Note that
+# it can be used to resolve any ip address known to the dns and then map the unresolved
+# ip addresses to a name found in the usertab file.
# Table syntax:
# userid name or ip address name
# Eg:
# SirIsaac Isaac Newton
# vinci Leonardo da Vinci
# 192.168.10.1 Karol Wojtyla
-#
+#
# Each line must be terminated with '\n'
+# If usertab have value "ldap" (case ignoring), user names
+# will be taken from LDAP server. This method as approaches for reception
+# of usernames from Active Didectory
#
#usertab none
+# TAG: LDAPHost hostname
+# FQDN or IP address of host with LDAP service or AD DC
+# default is '127.0.0.1'
+#LDAPHost 127.0.0.1
+
+# TAG: LDAPPort port
+# LDAP service port number
+# default is '389'
+#LDAPPort 389
+
+# TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
+# DN of LDAP user, who is authorized to read user's names from LDAP base
+# default is empty line
+#LDAPBindDN cn=proxy,dc=mydomain,dc=local
+
+# TAG: LDAPBindPW secret
+# Password of DN, who is authorized to read user's names from LDAP base
+# default is empty line
+#LDAPBindPW secret
+
+# TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
+# LDAP search base
+# default is empty line
+#LDAPBaseSearch ou=users,dc=mydomain,dc=local
+
+# TAG: LDAPFilterSearch uid=%s
+# User search filter by user's logins in LDAP
+# First founded record will be used
+# %s - will be changed to userlogins from access.log file
+# filter string can have some tags '%s'
+# default value is 'uid=%s'
+#LDAPFilterSearch uid=%s
+
+# TAG: LDAPTargetAttr attributename
+# Name of the attribute containing a name of the user
+# default value is 'cn'
+#LDAPTargetAttr cn
+
# TAG: long_url yes|no
# If yes, the full url is showed in report.
# If no, only the site will be showed
#long_url no
# TAG: date_time_by bytes|elap
-# Date/Time reports will use bytes or elapsed time?
+# Date/Time reports show the downloaded volume or the elapsed time or both.
#
-#date_time_by elap
+#date_time_by bytes
# TAG: charset name
# ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
#
#topuser_num 0
-# TAG: site_user_time_date_type list|table
-# generate reports for site_user_time_date in list or table format
-#
-#site_user_time_date_type table
-
# TAG: datafile file
# Save the report results in a file to populate some database
#
# TAG: datafile_url ip|name
# Saves the URL as ip or name in datafile
#
-#datafile ip
+#datafile_url ip
# TAG: weekdays
# The weekdays to take account ( Sunday->0, Saturday->6 )
#
#squidguard_conf none
-# TAG: squidguard_ignore_date on|off
-# Use 'on' use the record even the date range is different from the used squid access.log file.
-# Use 'off' use the record only if the date range is in the used squid access.log file.
+# TAG: redirector_log file
+# the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option
+# may be repeated up to 64 times to read multiple files.
+# If this option is specified, it takes precedence over squidguard_conf.
+# The command line option -L override this option.
#
-#squidguard_ignore_date off
+#redirector_log /usr/local/squidGuard/var/logs/urls.log
-# TAG: squidguard_log_format
-# Format string SquidGuard logs.
+# TAG: redirector_ignore_date on|off
+# was named squidguard_ignore_date before sarg 2.3 but was renamed as it is not specific to squidGuard.
+# Set to 'on' to use the record even if the date is different from the date in the access log file.
+# Set to 'off' to use the record only if the date is within the range found in the access log file.
+#
+#redirector_ignore_date off
+
+# TAG: redirector_log_format
+# Format string for web proxy redirector logs.
+# This option was named squidguard_log_format before sarg 2.3.
# REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
# SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
-#squidguard_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
+#redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
# TAG: show_sarg_info yes|no
# shows sarg information and site path on each report bottom
#parsed_output_log none
# TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
-# sarg logs compress util
+# Command to run to compress sarg parsed output log. It may contain
+# options (such as -f to overwrite existing target file). The name of
+# the file to compresse is provided at the end of this
+# command line. Don't forget to quote things appropriately.
#
#parsed_output_log_compress /bin/gzip
#block_it none
# TAG: external_css_file path
-# This tag allow internal sarg css override.
+# Provide the path to an external css file to link into the HTML reports instead of
+# the inline css written by sarg when this option is not set.
+#
+# In versions prior to 2.3, this used to be an absolute file name to
+# a file to include verbatim in each HTML page but, as it takes a lot of
+# space, version 2.3 switched to a link to an external css file.
+# Therefore, this option must contain the HTTP server path on which a client
+# browser may find the css file.
+#
# Sarg use theses style classes:
-# .body body class
+# .logo logo class
# .info sarg information class, align=center
-# .title title class, align=center
-# .header header class, align:left
-# .header2 header class, align:right
-# .header3 header class, align:right
-# .text text class, align:left
+# .title_c title class, align=center
+# .header_c header class, align:center
+# .header_l header class, align:left
+# .header_r header class, align:right
+# .text text class, align:right
# .data table text class, align:right
-# .data2 table text class, align:right, border colors
+# .data2 table text class, align:left
+# .data3 table text class, align:center
# .link link class
#
-# There is a sample in /usr/local/sarg/etc/css.tpl
+# Sarg can be instructed to output the internal css it inline
+# into the reports with this command:
+#
+# sarg --css
+#
+# You can redirect the output to a file of your choice and edit
+# it to your liking.
#
#external_css_file none
# TAG: user_authentication yes|no
# Allow user authentication in User Reports using .htaccess
# Parameters:
-# AuthUserFile - where the user password file is
-# AuthName - authentication realm. Eg "Members Only"
-# AuthType - authenticaion type - basic
-# Require - authorized users to see the report.
-# %u - user report
+# AuthUserTemplateFile - The template to use to create the
+# .htaccess file. In the template, %u is replaced by the
+# user's ID for which the report is generated. The path of the
+# template is relative to the directory containing sarg
+# configuration file.
#
# user_authentication no
-# AuthUserFile /usr/local/sarg/passwd
-# AuthName "SARG, Restricted Access"
-# AuthType Basic
-# Require user admin %u
+# AuthUserTemplateFile sarg_htaccess
# TAG: download_suffix "suffix,suffix,...,suffix"
# file suffix to be considered as "download" in Download report.