]> git.ipfire.org Git - thirdparty/sarg.git/blame - sarg.conf
projects / thirdparty / sarg.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Generate redirector log even if -d is not given
[thirdparty/sarg.git] / sarg.conf
CommitLineData
25697a35
GS		 1# sarg.conf
2#
25697a35
GS		 3# TAG: access_log file
4# Where is the access.log file
f74970b1 5#
0eb636a0 6# This option can be repeated multiple times to list rotated files or
f74970b1
FM		 7# files from different sources.
8#
9# The files named here must exists or sarg aborts. It is intended as a
10# safety against incomplete reporting due to problems occuring with the
11# logs.
12#
2b41f02c
FM		 13# If the file globbing was compiled in, the file name can contain shell
14# wildcards such as * and ?. Tilde expension and variable expension are
15# not supported. Special characters can be escaped with a backslash.
16#
f74970b1
FM		 17# If some files are passed on the command line with "sarg -l file" or
18# "sarg file", the files listed here are ignored.
25697a35
GS		 19#
20#access_log /usr/local/squid/var/logs/access.log
21
22# TAG: graphs yes|no
23# Use graphics where is possible.
24# graph_days_bytes_bar_color blue|green|yellow|orange|brown|red
25#
26#graphs yes
27#graph_days_bytes_bar_color orange
28
3becf85c
FM		 29# TAG: graph_font
30# The full path to the TTF font file to use to create the graphs. It is required
31# if graphs is set to yes.
32#
33#graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
34
25697a35
GS		 35# TAG: title
36# Especify the title for html page.
37#
38#title "Squid User Access Reports"
39
40# TAG: font_face
41# Especify the font for html page.
42#
43#font_face Tahoma,Verdana,Arial
44
45# TAG: header_color
46# Especify the header color
47#
48#header_color darkblue
49
50# TAG: header_bgcolor
51# Especify the header bgcolor
52#
53#header_bgcolor blanchedalmond
54
55# TAG: font_size
56# Especify the text font size
57#
58#font_size 9px
59
60# TAG: header_font_size
61# Especify the header font size
62#
63#header_font_size 9px
64
65# TAG: title_font_size
66# Especify the title font size
67#
68#title_font_size 11px
69
70# TAG: background_color
71# TAG: background_color
72# Html page background color
73#
74# background_color white
75
76# TAG: text_color
77# Html page text color
78#
79#text_color #000000
80
81# TAG: text_bgcolor
82# Html page text background color
83#
84#text_bgcolor lavender
85
86# TAG: title_color
87# Html page title color
88#
89#title_color green
90
91# TAG: logo_image
92# Html page logo.
93#
94#logo_image none
95
96# TAG: logo_text
97# Html page logo text.
98#
99#logo_text ""
100
101# TAG: logo_text_color
102# Html page logo texti color.
103#
104#logo_text_color #000000
105
106# TAG: logo_image_size
129e6ea5 107# Html page logo image size.
25697a35
GS		 108# width height
109#
110#image_size 80 45
111
112# TAG: background_image
113# Html page background image
114#
115#background_image none
116
117# TAG: password
491b862f
GS		 118# User password file used by Squid authentication scheme
119# If used, generate reports just for that users.
25697a35
GS		 120#
121#password none
122
123# TAG: temporary_dir
124# Temporary directory name for work files
125# sarg -w dir
126#
127#temporary_dir /tmp
128
129# TAG: output_dir
130# The reports will be saved in that directory
131# sarg -o dir
132#
133#output_dir /var/www/html/squid-reports
134
829a53c2
FM		 135# TAG: anonymous_output_files yes/no
136# Use anonymous file and directory names in the report. If it is set to
137# no (the default), the user id/ip/name is slightly mangled to create a
138# suitable file name to store the report of the user but the user's
139# identity can easily be guessed from the mangled name. If this option is
140# set, any file or directory belonging to the user is replaced by a short
141# number. The purpose is to hide the identity of the user when looking
142# at the report file names but it may serve to shorten the path too.
143#
144#anonymous_output_files no
145
25697a35
GS		 146# TAG: output_email
147# Email address to send the reports. If you use this tag, no html reports will be generated.
148# sarg -e email
149#
150#output_email none
151
51b166d4
FM		 152# TAG: resolve_ip modulelist
153# List the modules to use to convert IP addresses into names.
154# Each named module is tried in sequence until one returns a result. Therefore
155# the order of the modules is relevant.
156# The modules must be listed on one line each separated from the previous one with
157# a space.
158#
159# The possible modules are
160# dns Use the DNS.
1e312c82 161# exec Call an external program with the IP address as argument.
51b166d4
FM		 162#
163# For compatibility with previous versions, yes is a synonymous for dns and
164# no does nothing.
165# sarg -n forces the use of the dns module.
25697a35
GS		 166#resolve_ip no
167
1e312c82
FM		 168# TAG: resolve_ip_exec command
169# If resolve_ip selects the exec module, this is the command to run to
170# resolve an IP address. The command must contain a placeholder where the
171# IP address is inserted. The placeholder must be %IP in uppercases. The
172# placeholder may be repeated multiple times if necessary.
173#
174# The command is expected to return the host name without frills on its
175# standard output. If the command returns nothing, it is assumed that the
176# command could not resolve the IP address and the next module in the
177# chain is given a try with the same address.
178#
179# This option can only be used once. Therefore there is only one command
180# available to resolve an IP address but the program can do anything it
181# deems fit including attempting several strategies.
182#
183# Beware that running an external program is exceedingly slow. So you
184# should try the DNS first and only call an external program if the DNS
185# fails.
186#resolve_ip_exec nmblookup -A %IP | sed -n -e 's/^ *\(.*\) *<00> - *B.*/\1/p'
187
25697a35
GS		 188# TAG: user_ip yes/no
189# Use Ip Address instead userid in reports.
190# sarg -p
191#user_ip no
192
193# TAG: topuser_sort_field field normal/reverse
194# Sort field for the Topuser Report.
195# Allowed fields: USER CONNECT BYTES TIME
196#
197#topuser_sort_field BYTES reverse
198
199# TAG: user_sort_field field normal/reverse
200# Sort field for the User Report.
201# Allowed fields: SITE CONNECT BYTES TIME
202#
203#user_sort_field BYTES reverse
204
205# TAG: exclude_users file
206# users within the file will be excluded from reports.
207# you can use indexonly to have only index.html file.
208#
209#exclude_users none
210
211# TAG: exclude_hosts file
212# Hosts, domains or subnets will be excluded from reports.
213#
43f18f45
FM		 214# Eg.: 192.168.10.10 - exclude ip address only
215# 192.168.10.0/24 - exclude full C class
216# s1.acme.foo - exclude hostname only
217# *.acme.foo - exclude full domain name
25697a35
GS		 218#
219#exclude_hosts none
220
221# TAG: useragent_log file
2b41f02c
FM		 222# useragent.log file to generate useragent report.
223#
224# This option may be repeated multiple times to process several files.
225#
226# Wildcards are allowed (see access_log).
25697a35
GS		 227#
228#useragent_log none
229
230# TAG: date_format
231# Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww)
129e6ea5 232#
25697a35
GS		 233#date_format u
234
3877d630
FM		 235# TAG: per_user_limit file MB ip/id
236# Write the user's ID (if last flag is 'id') or the user's IP address (if last flag is 'ip')
237# in file if download exceed n MB.
238# This option allows you to disable user access if users exceed a download limit.
2e29ae23
FM		 239# The option may be repeated up to 16 times to generate several files with
240# different content type or limit.
129e6ea5 241#
3877d630
FM		 242# Examples:
243# per_user_limit userlimit_1G.txt 1000 ip
244# per_user_limit /var/log/sarg/userlimit_500M.log 500 id
245#
25697a35
GS		 246#per_user_limit none
247
0b5356bb
FM		 248# TAG: per_user_limit_file_create always/as_required
249# When to create a per_user_limit file.
250#
251# Use 'always' to always create the file requested by per_user_limit
252# even if it is empty.
253#
254# Use 'as_required' to create a per_user_limit file only if at least
255# one user crosses the limit.
256#
257#per_user_limit_file_create purge
258
25697a35
GS		 259# TAG: lastlog n
260# How many reports files must be keept in reports directory.
261# The oldest report file will be automatically removed.
262# 0 - no limit.
263#
264#lastlog 0
265
266# TAG: remove_temp_files yes
267# Remove temporary files: geral, usuarios, top, periodo from root report directory.
268#
269#remove_temp_files yes
270
271# TAG: index yes|no|only
272# Generate the main index.html.
273# only - generate only the main index.html
274#
275#index yes
276
491b862f
GS		 277# TAG: index_tree date|file
278# How to generate the index.
279#
280#index_tree file
281
9aaa3361
FM		 282# TAG: index_fields
283# The columns to show in the index of the reports
284# Columns are: dirsize
285#
286#index_fields dirsize
287
25697a35
GS		 288# TAG: overwrite_report yes|no
289# yes - if report date already exist then will be overwrited.
290# no - if report date already exist then will be renamed to filename.n, filename.n+1
291#
292#overwrite_report no
293
294# TAG: records_without_userid ignore|ip|everybody
295# What can I do with records without user id (no authentication) in access.log file ?
296#
297# ignore - This record will be ignored.
298# ip - Use ip address instead. (default)
299# everybody - Use "everybody" instead.
300#
301#records_without_userid ip
302
303# TAG: use_comma no|yes
304# Use comma instead point in reports.
305# Eg.: use_comma yes => 23,450,110
306# use_comma no => 23.450.110
307#
308#use_comma no
309
66d35350
FM		 310# TAG: mail_utility
311# Mail command to use to send reports via SMTP. Sarg calls it like this:
312# mail_utility -s "SARG report, date" "output_email" <"mail_content"
313#
314# Therefore, it is possible to add more arguments to the command by specifying them
315# here.
316#
317# If you need too, you can use a shell script to process the content of /dev/stdin
318# (/dev/stdin is the mail_content passed by sarg to the script) and call whatever
319# command you like. It is not limited to mailing the report via SMTP.
320#
321# Don't forget to quote the command if necessary (i.e. if the path contains
322# characters that must be quoted).
25697a35
GS		 323#
324#mail_utility mailx
325
326# TAG: topsites_num n
327# How many sites in topsites report.
328#
329#topsites_num 100
330
7d82ea1a 331# TAG: topsites_sort_order CONNECT|BYTES|TIME|USER A|D
25697a35
GS		 332# Sort for topsites report, where A=Ascendent, D=Descendent
333#
334#topsites_sort_order CONNECT D
335
336# TAG: index_sort_order A/D
337# Sort for index.html, where A=Ascendent, D=Descendent
338#
339#index_sort_order D
340
341# TAG: exclude_codes file
342# Ignore records with these codes. Eg.: NONE/400
6cdbb02f
FM		 343# Write one code per line. Lines starting with a # are ignored.
344# Only codes matching exactly one of the line is rejected. The
345# comparison is not case sensitive.
25697a35 346#
2f9006ac 347#exclude_codes /usr/local/sarg/etc/exclude_codes
25697a35
GS		 348
349# TAG: replace_index string
350# Replace "index.html" in the main index file with this string
129e6ea5 351# If null "index.html" is used
25697a35
GS		 352#
353#replace_index <?php echo str_replace(".", "_", $REMOTE_ADDR); echo ".html"; ?>
354
355# TAG: max_elapsed milliseconds
356# If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time.
129e6ea5 357# Use 0 for no checking
25697a35 358#
d6e703cc 359#max_elapsed 28800000
25697a35 360# 8 Hours
25697a35
GS		 361
362# TAG: report_type type
363# What kind of reports to generate.
491b862f
GS		 364# topusers - users, sites, times, bytes, connects, links to accessed sites, etc
365# topsites - site, connect and bytes report
366# sites_users - users and sites report
367# users_sites - accessed sites by the user report
368# date_time - bytes used per day and hour report
369# denied - denied sites with full URL report
370# auth_failures - autentication failures report
371# site_user_time_date - sites, dates, times and bytes report
372# downloads - downloads per user report
25697a35 373#
129e6ea5 374# Eg.: report_type topsites denied
25697a35 375#
491b862f 376#report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
25697a35
GS		 377
378# TAG: usertab filename
379# You can change the "userid" or the "ip address" to be a real user name on the reports.
d8a1e9f3
FM		 380# If resolve_ip is active, the ip address is resolved before being looked up into this
381# file. That is, if you want to map the ip address, be sure to set resolv_ip to no or
382# the resolved name will be looked into the file instead of the ip address. Note that
383# it can be used to resolve any ip address known to the dns and then map the unresolved
384# ip addresses to a name found in the usertab file.
25697a35
GS		 385# Table syntax:
386# userid name or ip address name
387# Eg:
388# SirIsaac Isaac Newton
389# vinci Leonardo da Vinci
390# 192.168.10.1 Karol Wojtyla
d8a1e9f3 391#
25697a35 392# Each line must be terminated with '\n'
e3af0ae9
PO		 393# If usertab have value "ldap" (case ignoring), user names
394# will be taken from LDAP server. This method as approaches for reception
395# of usernames from Active Didectory
d8a1e9f3 396#
25697a35 397#usertab none
d8a1e9f3 398
e3af0ae9
PO		 399# TAG: LDAPHost hostname
400# FQDN or IP address of host with LDAP service or AD DC
401# default is '127.0.0.1'
402#LDAPHost 127.0.0.1
403
404# TAG: LDAPPort port
405# LDAP service port number
406# default is '389'
407#LDAPPort 389
408
409# TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
410# DN of LDAP user, who is authorized to read user's names from LDAP base
411# default is empty line
412#LDAPBindDN cn=proxy,dc=mydomain,dc=local
413
414# TAG: LDAPBindPW secret
415# Password of DN, who is authorized to read user's names from LDAP base
416# default is empty line
417#LDAPBindPW secret
418
419# TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
420# LDAP search base
421# default is empty line
422#LDAPBaseSearch ou=users,dc=mydomain,dc=local
423
1b048c43 424# TAG: LDAPFilterSearch (uid=%s)
e3af0ae9
PO		 425# User search filter by user's logins in LDAP
426# First founded record will be used
427# %s - will be changed to userlogins from access.log file
1b048c43
FM		 428# filter string can have up to 5 '%s' tags
429# default value is '(uid=%s)'
430#LDAPFilterSearch (uid=%s)
e3af0ae9
PO		 431
432# TAG: LDAPTargetAttr attributename
433# Name of the attribute containing a name of the user
434# default value is 'cn'
435#LDAPTargetAttr cn
25697a35 436
fd75cd90
FM		 437# TAG: LDAPNativeCharset charset-iconv-style
438# Character set to convert the LDAP string to.
439# For the list of some available charsets use: "iconv -l".
440# This option requires libiconv and sarg must have been built with --with-iconv.
441# default is empty line (UTF-8)
442#LDAPNativeCharset ISO-8859-1
443
25697a35
GS		 444# TAG: long_url yes|no
445# If yes, the full url is showed in report.
446# If no, only the site will be showed
447#
448# YES option generate very big sort files and reports.
449#
450#long_url no
451
452# TAG: date_time_by bytes|elap
84c9679c 453# Date/Time reports show the downloaded volume or the elapsed time or both.
25697a35 454#
1752e8f8 455#date_time_by bytes
25697a35
GS		 456
457# TAG: charset name
458# ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
459# graphic character sets for writing in alphabetic languages
460# You can use the following charsets:
461# Latin1 - West European
129e6ea5
FM		 462# Latin2 - East European
463# Latin3 - South European
464# Latin4 - North European
465# Cyrillic
466# Arabic
467# Greek
468# Hebrew
469# Latin5 - Turkish
25697a35
GS		 470# Latin6
471# Windows-1251
d6e703cc 472# Japan
25697a35 473# Koi8-r
d6e703cc 474# UTF-8
25697a35
GS		 475#
476#charset Latin1
477
478# TAG: user_invalid_char "&/"
479# Records that contain invalid characters in userid will be ignored by Sarg.
480#
481#user_invalid_char "&/"
482
483# TAG: privacy yes|no
484# privacy_string "***.***.***.***"
485# privacy_string_color blue
486# In some countries the sysadm cannot see the visited sites by a restrictive law.
487# Using privacy yes the visited url will be changes by privacy_string and the link
488# will be removed from reports.
489#
490#privacy no
491#privacy_string "***.***.***.***"
492#privacy_string_color blue
493
494# TAG: include_users "user1:user2:...:usern"
495# Reports will be generated only for listed users.
496#
497#include_users none
498
499# TAG: exclude_string "string1:string2:...:stringn"
500# Records from access.log file that contain one of listed strings will be ignored.
501#
502#exclude_string none
503
504# TAG: show_successful_message yes|no
505# Shows "Successful report generated on dir" at end of process.
506#
507#show_successful_message yes
508
509# TAG: show_read_statistics yes|no
2f4787e6 510# Shows how many lines have been read from the current input log file.
25697a35 511#
2f4787e6
FM		 512#show_read_statistics no
513
514# TAG: show_read_percent yes|no
515# Shows how many percents have been read from the current input log file.
516#
517# Beware that this feature requires to read the input log file once to
518# count the number of lines and then a second time to actually parse it.
519# You can save some time by disabling it.
520#
521#show_read_percent no
25697a35
GS		 522
523# TAG: topuser_fields
524# Which fields must be in Topuser report.
525#
411e2cff
FM		 526# Valid columns are
527# NUM Report line number.
528# DATE_TIME Icons to display the date and time reports.
529# USERID Display the user's ID. It may be a name or the IP address depending on other settings.
530# USERIP Display the user's IP address.
531# CONNECT Number of connections made by the user.
532# BYTES Number of bytes downloaded by the user.
533# %BYTES Percent of the total downloaded volume.
534# IN-CACHE-OUT Percent of cache hit and miss.
535# USED_TIME How long it took to process the requests from that user.
536# MILISEC The same in milliseconds
537# %TIME Percent of the total processing time of the reported users.
538# TOTAL Add a line to the report with the total of every column.
539# AVERAGE Add a line to the report with the average of every column.
25697a35
GS		 540#topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
541
542# TAG: user_report_fields
543# Which fields must be in User report.
544#
545#user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
546
d6e703cc
FM		 547# TAG: bytes_in_sites_users_report yes|no
548# Bytes field must be in Site & Users Report ?
549#
550#bytes_in_sites_users_report no
551
25697a35
GS		 552# TAG: topuser_num n
553# How many users in topsites report. 0 = no limit
554#
555#topuser_num 0
556
25697a35
GS		 557# TAG: datafile file
558# Save the report results in a file to populate some database
559#
560#datafile none
25697a35
GS		 561
562# TAG: datafile_delimiter ";"
563# ascii character to use as a field separator in datafile
564#
565#datafile_delimiter ";"
566
567# TAG: datafile_fields all
568# Which data fields must be in datafile
569# user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
570#
571#datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
572
491b862f
GS		 573# TAG: datafile_url ip|name
574# Saves the URL as ip or name in datafile
575#
f84a35a3 576#datafile_url ip
491b862f 577
25697a35 578# TAG: weekdays
3bd75b91 579# The weekdays to take into account ( Sunday->0, Saturday->6 )
25697a35
GS		 580# Example:
581#weekdays 1-3,5
582# Default:
583#weekdays 0-6
584
585# TAG: hours
3bd75b91 586# The hours to take into account
25697a35
GS		 587# Example:
588#hours 7-12,14,16,18-20
589# Default:
590#hours 0-23
591
592# TAG: dansguardian_conf file
593# DansGuardian.conf file path
594# Generate reports from DansGuardian logs.
595# Use 'none' to disable it.
596# dansguardian_conf /usr/dansguardian/dansguardian.conf
597#
598#dansguardian_conf none
599
64dfb824
FM		 600# TAG: dansguardian_filter_out_date on|off
601# This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action.
602# Note the change of parameter value compared with the old option.
603# 'off' use the record even if its date is outside of the range found in the input log file.
604# 'on' use the record only if its date is in the range found in the input log file.
491b862f 605#
64dfb824 606#dansguardian_filter_out_date on
491b862f 607
25697a35
GS		 608# TAG: squidguard_conf file
609# path to squidGuard.conf file
610# Generate reports from SquidGuard logs.
611# Use 'none' to disable.
491b862f 612# You can use sarg -L filename to use an alternate squidGuard log.
25697a35
GS		 613# squidguard_conf /usr/local/squidGuard/squidGuard.conf
614#
615#squidguard_conf none
616
1f482a8d
FM		 617# TAG: redirector_log file
618# the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option
619# may be repeated up to 64 times to read multiple files.
620# If this option is specified, it takes precedence over squidguard_conf.
621# The command line option -L override this option.
622#
623#redirector_log /usr/local/squidGuard/var/logs/urls.log
624
64dfb824
FM		 625# TAG: redirector_filter_out_date on|off
626# This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not
627# appropriate with respect to their action.
628# Note the change of parameter value compared with the old options.
629# 'off' use the record even if its date is outside of the range found in the input log file.
630# 'on' use the record only if its date is in the range found in the input log file.
491b862f 631#
64dfb824 632#redirector_filter_out_date on
491b862f 633
1f482a8d
FM		 634# TAG: redirector_log_format
635# Format string for web proxy redirector logs.
636# This option was named squidguard_log_format before sarg 2.3.
25697a35 637# REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
d19124ac
FM		 638# SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end#
639#redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end#
25697a35
GS		 640
641# TAG: show_sarg_info yes|no
642# shows sarg information and site path on each report bottom
643#
644#show_sarg_info yes
645
646# TAG: show_sarg_logo yes|no
647# shows sarg logo
648#
649#show_sarg_logo yes
650
651# TAG: parsed_output_log directory
652# Saves the processed log in a sarg format after parsing the squid log file.
129e6ea5 653# This is a way to dump all of the data structures out, after parsing from
25697a35
GS		 654# the logs (presumably this data will be much smaller than the log files themselves),
655# and pull them back in for later processing and merging with data from previous logs.
656#
657#parsed_output_log none
658
491b862f 659# TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
ff8d5836
FM		 660# Command to run to compress sarg parsed output log. It may contain
661# options (such as -f to overwrite existing target file). The name of
662# the file to compresse is provided at the end of this
663# command line. Don't forget to quote things appropriately.
25697a35
GS		 664#
665#parsed_output_log_compress /bin/gzip
666
491b862f 667# TAG: displayed_values bytes|abbreviation
25697a35
GS		 668# how the values will be displayed in reports.
669# eg. bytes - 209.526
670# abbreviation - 210K
671#
672#displayed_values bytes
673
674# Report limits
491b862f
GS		 675# TAG: authfail_report_limit n
676# TAG: denied_report_limit n
677# TAG: siteusers_report_limit n
678# TAG: squidguard_report_limit n
679# TAG: user_report_limit n
680# TAG: dansguardian_report_limit n
681# TAG: download_report_limit n
25697a35
GS		 682# report limits (lines).
683# '0' no limit
684#
685#authfail_report_limit 10
686#denied_report_limit 10
687#siteusers_report_limit 0
688#squidguard_report_limit 10
94ff9470
GS		 689#dansguardian_report_limit 10
690#user_report_limit 10
691#user_report_limit 50
25697a35 692
491b862f 693# TAG: www_document_root dir
25697a35
GS		 694# Where is your Web DocumentRoot
695# Sarg will create sarg-php directory with some PHP modules:
696# - sarg-squidguard-block.php - add urls from user reports to squidGuard DB
697#
698#www_document_root /var/www/html
699
491b862f 700# TAG: block_it module_url
25697a35
GS		 701# This tag allow you to pass urls from user reports to a cgi or php module,
702# to be blocked by some Squid acl
703#
704# Eg.: block_it /sarg-php/sarg-block-it.php
705# sarg-block-it is a php that will append a url to a flat file.
706# You must change /var/www/html/sarg-php/sarg-block-it to point to your file
707# in $filename variable, and chown to a httpd owner.
708#
709# sarg will pass http://module_url?url=url
710#
711#block_it none
712
491b862f 713# TAG: external_css_file path
d183fb7f
FM		 714# Provide the path to an external css file to link into the HTML reports instead of
715# the inline css written by sarg when this option is not set.
33dc7dec
FM		 716#
717# In versions prior to 2.3, this used to be an absolute file name to
d183fb7f
FM		 718# a file to include verbatim in each HTML page but, as it takes a lot of
719# space, version 2.3 switched to a link to an external css file.
720# Therefore, this option must contain the HTTP server path on which a client
721# browser may find the css file.
33dc7dec 722#
25697a35 723# Sarg use theses style classes:
3a422572 724# .logo logo class
25697a35 725# .info sarg information class, align=center
3a422572
FM		 726# .title_c title class, align=center
727# .header_c header class, align:center
728# .header_l header class, align:left
729# .header_r header class, align:right
730# .text text class, align:right
25697a35 731# .data table text class, align:right
3a422572
FM		 732# .data2 table text class, align:left
733# .data3 table text class, align:center
25697a35
GS		 734# .link link class
735#
d183fb7f
FM		 736# Sarg can be instructed to output the internal css it inline
737# into the reports with this command:
738#
739# sarg --css
740#
741# You can redirect the output to a file of your choice and edit
742# it to your liking.
25697a35
GS		 743#
744#external_css_file none
745
491b862f 746# TAG: user_authentication yes|no
25697a35 747# Allow user authentication in User Reports using .htaccess
129e6ea5 748# Parameters:
d5d021c5
FM		 749# AuthUserTemplateFile - The template to use to create the
750# .htaccess file. In the template, %u is replaced by the
751# user's ID for which the report is generated. The path of the
752# template is relative to the directory containing sarg
753# configuration file.
25697a35
GS		 754#
755# user_authentication no
d5d021c5 756# AuthUserTemplateFile sarg_htaccess
25697a35 757
491b862f 758# TAG: download_suffix "suffix,suffix,...,suffix"
25697a35 759# file suffix to be considered as "download" in Download report.
129e6ea5 760# Use 'none' to disable.
25697a35 761#
94ff9470 762#download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
25697a35 763
491b862f 764# TAG: ulimit n
25697a35
GS		 765# The maximum number of open file descriptors to avoid "Too many open files" error message.
766# You need to run sarg as root to use ulimit tag.
d6e703cc 767# If you run sarg with a low privilege user, set to 'none' to disable ulimit
25697a35
GS		 768#
769#ulimit 20000
770
d3d1bf9c 771# TAG: ntlm_user_format user|domainname+username
491b862f 772# NTLM users format.
25697a35
GS		 773#
774#ntlm_user_format domainname+username
491b862f
GS		 775
776# TAG: realtime_refresh_time num sec
777# How many time to auto refresh the realtime report
778# 0 = disable
779#
780# realtime_refresh_time 3
781
782# TAG: realtime_access_log_lines num
129e6ea5 783# How many last lines to get from access.log file
491b862f
GS		 784#
785# realtime_access_log_lines 1000
786
787# TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST
788# Which records must be in realtime report.
789#
193b9516 790# realtime_types GET,PUT,CONNECT,POST
491b862f
GS		 791
792# TAG: realtime_unauthenticated_records: ignore|show
793# What to do with unauthenticated records in realtime report.
794#
d6e703cc 795# realtime_unauthenticated_records: show
491b862f
GS		 796
797# TAG: byte_cost value no_cost_limit
798# Cost per byte.
799# Eg. byte_cost 0.01 100000000
800# per byte cost = 0.01
801# bytes with no cost = 100 Mb
802# 0 = disable
803#
804# byte_cost 0.01 50000000
d6e703cc
FM		 805
806# TAG: squid24 on|off
807# Compatilibity with squid version <= 2.4 when using emulate_http_log on
808#
809# squid24 off
ea275279
FM		 810
811# TAG: sorttable path
418cd63d
FM		 812# The path to a javascript script to dynamically sort the tables.
813# The path is the link a browser must follow to find the script. For instance,
814# it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script
815# is at the root of your web site.
2e96438d
FM		 816#
817# If the path starts with "../" then it is assumed to be a relative
818# path and sarg adds as many "../" as necessary to locate the js script from
418cd63d 819# the output directory. Therefore, ../../sorttable.js links to the javascript
2e96438d
FM		 820# one level above output_dir.
821#
ea275279
FM		 822# If this entry is set, each sortable table will have the "sortable" class set.
823# You may have a look at http://www.kryogenix.org/code/browser/sorttable/
2e96438d 824# for the implementation on which sarg is based.
ea275279
FM		 825#
826# sorttable /sorttable.js
22715352
FM		 827
828# TAG: hostalias
829# The name of a text file containing the host names one per line and the
830# optional alias to use in the report instead of that host name.
831# Host names may contain up to one wildcard denoted by a *. The wildcard
832# must not end the host name.
833# The host name may be followed by an optional alias but if no alias is
834# provided, the host name, including the wildcard, replaces any matching
835# host name found in the log.
836# Host names replaced by identical aliases are grouped together in the
837# reports.
d0e9cc2c
FM		 838# IP addresses are supported and accept the CIDR notation both for IPv4 and
839# IPv6 addresses.
6e24f222
FM		 840# Regular expressions can also be used if sarg was compiled with libpcre.
841# A regular expression is formated as re:/regexp/ alias
a16cb22a
FM		 842# The regexp is a perl regular expression (see man perlre).
843# Subpatterns are allowed in the alias. Sarg recognizes sed (\1) or perl ($1)
844# subpatterns. Only 9 subpatterns are allowed in the replacement string.
22715352
FM		 845#
846# Example:
847# *.gstatic.com
848# mt*.google.com
849# *.myphone.microsoft.com
850# *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure
851# *.freeav.net antivirus:freeav
852# *.mail.live.com
d0e9cc2c 853# 65.52.00.00/14 *.mail.live.com
6e24f222 854# re:/\.dropbox\.com(:443)?/ dropbox
a16cb22a 855# re:/([\w-]+)\.(\w*[a-zA-Z]\w*)(?::\d+)?$/\1.\2
22715352 856#hostalias /usr/local/sarg/hostalias
11767c6a 857
c4f0ea8f
FM		 858# TAG: useralias
859# The name of a text file containing the user names one per line and the
860# optional alias to use in the report instead of that user name.
861# User names may contain wildcards denoted by a *.
862# The user name may be followed by an optional alias but if no alias is
863# provided, the user name, including the wildcard, replaces any matching
864# user name found in the log.
865# User names replaced by identical aliases are grouped together in the
866# reports.
867# IP addresses are supported and accept the CIDR notation both for IPv4 and
868# IPv6 addresses.
869# Regular expressions can also be used if sarg was compiled with libpcre.
870# A regular expression is formated as re:/regexp/ alias
871# The regexp is a perl regular expression (see man perlre).
872# Subpatterns are allowed in the alias. Sarg recognizes sed (\1) or perl ($1)
873# subpatterns. Only 9 subpatterns are allowed in the replacement string.
874#useralias /usr/local/sarg/useralias
875
11767c6a
FM		 876# TAG: keep_temp_log yes|no
877# Keep temporary files created by sarg to produce its reports. The normal
878# operation mode is to delete those files when they are not necessary any more.
879#
880# Never leave that option to "yes" for normal operation as temporary files
881# left over by previous run can be included in subsequent reports.
882#
883# Use this option only to diagnose a problem with your reports. A better
884# alternative is to run sarg from the command line with optino -k.
885#keep_temp_log no
4d62cb0a
FM		 886
887# TAG: max_successive_log_errors n
888# Set the number of consecutive errors allowed in the input log file before
889# the reading is aborted with an error.
890#max_successive_log_errors 3
891
892# TAG: max_total_log_errors n
893# The reading of the input log file is interrupted if too many errors are found
894# in the log file. This parameter set the number of errors before the reading
895# is aborted. Set it to -1 to keep reading the logs irrespective of the
896# errors found.
897#
898# Note that the max_successive_log_errors is still taken into account and
899# cannot be disabled.
900#max_total_log_errors 50
Unnamed repository; edit this file 'description' to name the repository.