# sarg.conf
#
-# TAG: language
-# Available languages:
-# Bulgarian_windows1251
-# Catalan
-# Czech
-# Dutch
-# English
-# French
-# German
-# Greek
-# Hungarian
-# Indonesian
-# Italian
-# Japanese
-# Latvian
-# Polish
-# Portuguese
-# Romanian
-# Russian_koi8
-# Russian_windows1251
-# Serbian
-# Slovak
-# Spanish
-# Turkish
-#
-#language English
-
# TAG: access_log file
# Where is the access.log file
# sarg -l file
#graphs yes
#graph_days_bytes_bar_color orange
+# TAG: graph_font
+# The full path to the TTF font file to use to create the graphs. It is required
+# if graphs is set to yes.
+#
+#graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
+
# TAG: title
# Especify the title for html page.
#
#background_image none
# TAG: password
-# User password file used by authentication
-# If used here, reports will be generated only for that users.
+# User password file used by Squid authentication scheme
+# If used, generate reports just for that users.
#
#password none
# TAG: exclude_hosts file
# Hosts, domains or subnets will be excluded from reports.
#
-# Eg.: 192.168.10.10 - exclude ip address only
-# 192.168.10.0 - exclude full C class
-# s1.acme.foo - exclude hostname only
-# acme.foo - exclude full domain name
+# Eg.: 192.168.10.10 - exclude ip address only
+# 192.168.10.0/24 - exclude full C class
+# s1.acme.foo - exclude hostname only
+# *.acme.foo - exclude full domain name
#
#exclude_hosts none
# TAG: useragent_log file
-# Put here where is useragent.log to nable useragent report.
+# useragent.log file patch to generate useragent report.
#
#useragent_log none
#
#index yes
+# TAG: index_tree date|file
+# How to generate the index.
+#
+#index_tree file
+
# TAG: overwrite_report yes|no
# yes - if report date already exist then will be overwrited.
# no - if report date already exist then will be renamed to filename.n, filename.n+1
# TAG: exclude_codes file
# Ignore records with these codes. Eg.: NONE/400
+# Write one code per line. Lines starting with a # are ignored.
+# Only codes matching exactly one of the line is rejected. The
+# comparison is not case sensitive.
#
#exclude_codes /usr/local/sarg/exclude_codes
# If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time.
# Use 0 for no checking
#
-#max_elapsed 0
+#max_elapsed 28800000
# 8 Hours
-max_elapsed 28800000
# TAG: report_type type
# What kind of reports to generate.
-# topsites - shows the site, connect and bytes
-# sites_users - shows which users were accessing a site
-# users_sites - shows sites accessed by the user
-# date_time - shows the amount of bytes used by day and hour
-# denied - shows all denied sites with full URL
-# auth_failures - shows autentication failures
-# site_user_time_date - shows sites, dates, times and bytes
+# topusers - users, sites, times, bytes, connects, links to accessed sites, etc
+# topsites - site, connect and bytes report
+# sites_users - users and sites report
+# users_sites - accessed sites by the user report
+# date_time - bytes used per day and hour report
+# denied - denied sites with full URL report
+# auth_failures - autentication failures report
+# site_user_time_date - sites, dates, times and bytes report
+# downloads - downloads per user report
#
# Eg.: report_type topsites denied
#
-#report_type topsites sites_users users_sites date_time denied auth_failures site_user_time_date
+#report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
# TAG: usertab filename
# You can change the "userid" or the "ip address" to be a real user name on the reports.
+# If resolve_ip is active, the ip address is resolved before being looked up into this
+# file. That is, if you want to map the ip address, be sure to set resolv_ip to no or
+# the resolved name will be looked into the file instead of the ip address. Note that
+# it can be used to resolve any ip address known to the dns and then map the unresolved
+# ip addresses to a name found in the usertab file.
# Table syntax:
# userid name or ip address name
# Eg:
# SirIsaac Isaac Newton
# vinci Leonardo da Vinci
# 192.168.10.1 Karol Wojtyla
-#
+#
# Each line must be terminated with '\n'
+# If usertab have value "ldap" (case ignoring), user names
+# will be taken from LDAP server. This method as approaches for reception
+# of usernames from Active Didectory
#
#usertab none
+# TAG: LDAPHost hostname
+# FQDN or IP address of host with LDAP service or AD DC
+# default is '127.0.0.1'
+#LDAPHost 127.0.0.1
+
+# TAG: LDAPPort port
+# LDAP service port number
+# default is '389'
+#LDAPPort 389
+
+# TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
+# DN of LDAP user, who is authorized to read user's names from LDAP base
+# default is empty line
+#LDAPBindDN cn=proxy,dc=mydomain,dc=local
+
+# TAG: LDAPBindPW secret
+# Password of DN, who is authorized to read user's names from LDAP base
+# default is empty line
+#LDAPBindPW secret
+
+# TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
+# LDAP search base
+# default is empty line
+#LDAPBaseSearch ou=users,dc=mydomain,dc=local
+
+# TAG: LDAPFilterSearch uid=%s
+# User search filter by user's logins in LDAP
+# First founded record will be used
+# %s - will be changed to userlogins from access.log file
+# filter string can have some tags '%s'
+# default value is 'uid=%s'
+#LDAPFilterSearch uid=%s
+
+# TAG: LDAPTargetAttr attributename
+# Name of the attribute containing a name of the user
+# default value is 'cn'
+#LDAPTargetAttr cn
+
# TAG: long_url yes|no
# If yes, the full url is showed in report.
# If no, only the site will be showed
#long_url no
# TAG: date_time_by bytes|elap
-# Date/Time reports will use bytes or elapsed time?
+# Date/Time reports show the downloaded volume or the elapsed time or both.
#
#date_time_by bytes
# Latin5 - Turkish
# Latin6
# Windows-1251
+# Japan
# Koi8-r
+# UTF-8
#
#charset Latin1
#
#user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
+# TAG: bytes_in_sites_users_report yes|no
+# Bytes field must be in Site & Users Report ?
+#
+#bytes_in_sites_users_report no
+
# TAG: topuser_num n
# How many users in topsites report. 0 = no limit
#
#topuser_num 0
-# TAG: site_user_time_date_type list|table
-# generate reports for site_user_time_date in list or table format
-#
-#site_user_time_date_type table
-
# TAG: datafile file
# Save the report results in a file to populate some database
#
#datafile none
-#datafile /tmp/p8
# TAG: datafile_delimiter ";"
# ascii character to use as a field separator in datafile
#
#datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
+# TAG: datafile_url ip|name
+# Saves the URL as ip or name in datafile
+#
+#datafile_url ip
+
# TAG: weekdays
# The weekdays to take account ( Sunday->0, Saturday->6 )
# Example:
#
#dansguardian_conf none
+# TAG: dansguardian_ignore_date on|off
+# 'on' must use the record even the date range is different from the used in squid access.log file.
+# 'off' must use the record only if the date range is in the irange used in squid access.log file.
+#
+#dansguardian_ignore_date off
+
# TAG: squidguard_conf file
# path to squidGuard.conf file
# Generate reports from SquidGuard logs.
# Use 'none' to disable.
+# You can use sarg -L filename to use an alternate squidGuard log.
# squidguard_conf /usr/local/squidGuard/squidGuard.conf
#
#squidguard_conf none
-# TAG: squidguard_log_format
-# Format string SquidGuard logs.
+# TAG: redirector_log file
+# the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option
+# may be repeated up to 64 times to read multiple files.
+# If this option is specified, it takes precedence over squidguard_conf.
+# The command line option -L override this option.
+#
+#redirector_log /usr/local/squidGuard/var/logs/urls.log
+
+# TAG: redirector_ignore_date on|off
+# was named squidguard_ignore_date before sarg 2.3 but was renamed as it is not specific to squidGuard.
+# Set to 'on' to use the record even if the date is different from the date in the access log file.
+# Set to 'off' to use the record only if the date is within the range found in the access log file.
+#
+#redirector_ignore_date off
+
+# TAG: redirector_log_format
+# Format string for web proxy redirector logs.
+# This option was named squidguard_log_format before sarg 2.3.
# REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
# SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
-#squidguard_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
+#redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#
# TAG: show_sarg_info yes|no
# shows sarg information and site path on each report bottom
#
#parsed_output_log none
-# TAG parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
-# sarg logs compress util
+# TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
+# Command to run to compress sarg parsed output log. It may contain
+# options (such as -f to overwrite existing target file). The name of
+# the file to compresse is provided at the end of this
+# command line. Don't forget to quote things appropriately.
#
#parsed_output_log_compress /bin/gzip
-# TAG displayed_values bytes|abbreviation
+# TAG: displayed_values bytes|abbreviation
# how the values will be displayed in reports.
# eg. bytes - 209.526
# abbreviation - 210K
#displayed_values bytes
# Report limits
-# TAG authfail_report_limit n
-# TAG denied_report_limit n
-# TAG siteusers_report_limit n
-# TAG squidguard_report_limit n
-# TAG user_report_limit n
+# TAG: authfail_report_limit n
+# TAG: denied_report_limit n
+# TAG: siteusers_report_limit n
+# TAG: squidguard_report_limit n
+# TAG: user_report_limit n
+# TAG: dansguardian_report_limit n
+# TAG: download_report_limit n
# report limits (lines).
# '0' no limit
#
#denied_report_limit 10
#siteusers_report_limit 0
#squidguard_report_limit 10
-#user_report_limit 0
+#dansguardian_report_limit 10
+#user_report_limit 10
+#user_report_limit 50
-# TAG www_document_root dir
+# TAG: www_document_root dir
# Where is your Web DocumentRoot
# Sarg will create sarg-php directory with some PHP modules:
# - sarg-squidguard-block.php - add urls from user reports to squidGuard DB
#
#www_document_root /var/www/html
-# TAG block_it module_url
+# TAG: block_it module_url
# This tag allow you to pass urls from user reports to a cgi or php module,
# to be blocked by some Squid acl
#
#
#block_it none
-# TAG external_css_file path
-# This tag allow internal sarg css override.
+# TAG: external_css_file path
+# Provide the path to an external css file to link into the HTML reports instead of
+# the inline css written by sarg when this option is not set.
+#
+# In versions prior to 2.3, this used to be an absolute file name to
+# a file to include verbatim in each HTML page but, as it takes a lot of
+# space, version 2.3 switched to a link to an external css file.
+# Therefore, this option must contain the HTTP server path on which a client
+# browser may find the css file.
+#
# Sarg use theses style classes:
-# .body body class
+# .logo logo class
# .info sarg information class, align=center
-# .title title class, align=center
-# .header header class, align:left
-# .header2 header class, align:right
-# .header3 header class, align:right
-# .text text class, align:left
+# .title_c title class, align=center
+# .header_c header class, align:center
+# .header_l header class, align:left
+# .header_r header class, align:right
+# .text text class, align:right
# .data table text class, align:right
-# .data2 table text class, align:right, border colors
+# .data2 table text class, align:left
+# .data3 table text class, align:center
# .link link class
#
-# There is a sample in /usr/local/sarg/etc/css.tpl
+# Sarg can be instructed to output the internal css it inline
+# into the reports with this command:
+#
+# sarg --css
+#
+# You can redirect the output to a file of your choice and edit
+# it to your liking.
#
#external_css_file none
-# TAG user_authentication yes|no
+# TAG: user_authentication yes|no
# Allow user authentication in User Reports using .htaccess
# Parameters:
-# AuthUserFile - where the user password file is
-# AuthName - authentication realm. Eg "Members Only"
-# AuthType - authenticaion type - basic
-# Require - authorized users to see the report.
-# %u - user report
+# AuthUserTemplateFile - The template to use to create the
+# .htaccess file. In the template, %u is replaced by the
+# user's ID for which the report is generated. The path of the
+# template is relative to the directory containing sarg
+# configuration file.
#
# user_authentication no
-# AuthUserFile /usr/local/sarg/passwd
-# AuthName "SARG, Restricted Access"
-# AuthType Basic
-# Require user admin %u
+# AuthUserTemplateFile sarg_htaccess
-# TAG download_suffix "suffix,suffix,...,suffix"
+# TAG: download_suffix "suffix,suffix,...,suffix"
# file suffix to be considered as "download" in Download report.
# Use 'none' to disable.
#
-#download_suffix "7z,ace,arj,avi,bat,bin,bz2,bzip,cab,com,cpio,dll,doc,dot,exe,gz,iso,lha,lzh,mdb,mov,mp3,mpeg,mpg,mso,nrg,ogg,ppt,rar,rtf,shs,src,sys,tar,tgz,vcd,vob,wma,wmv,zip"
+#download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
-# ulimit n
+# TAG: ulimit n
# The maximum number of open file descriptors to avoid "Too many open files" error message.
# You need to run sarg as root to use ulimit tag.
+# If you run sarg with a low privilege user, set to 'none' to disable ulimit
#
#ulimit 20000
-# TAG: ntlm_user_format username|domainname+username
-# NTLM users format.
+# TAG: ntlm_user_format username|domainname+username
+# NTLM users format.
#
#ntlm_user_format domainname+username
+
+# TAG: realtime_refresh_time num sec
+# How many time to auto refresh the realtime report
+# 0 = disable
+#
+# realtime_refresh_time 3
+
+# TAG: realtime_access_log_lines num
+# How many last lines to get from access.log file
+#
+# realtime_access_log_lines 1000
+
+# TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST
+# Which records must be in realtime report.
+#
+# realtime_types GET,PUT,CONNECT
+
+# TAG: realtime_unauthenticated_records: ignore|show
+# What to do with unauthenticated records in realtime report.
+#
+# realtime_unauthenticated_records: show
+
+# TAG: byte_cost value no_cost_limit
+# Cost per byte.
+# Eg. byte_cost 0.01 100000000
+# per byte cost = 0.01
+# bytes with no cost = 100 Mb
+# 0 = disable
+#
+# byte_cost 0.01 50000000
+
+# TAG: squid24 on|off
+# Compatilibity with squid version <= 2.4 when using emulate_http_log on
+#
+# squid24 off