4 # Where is the access.log file
7 #access_log /usr/local/squid/var/logs/access.log
10 # Use graphics where is possible.
11 # graph_days_bytes_bar_color blue|green|yellow|orange|brown|red
14 #graph_days_bytes_bar_color orange
17 # The full path to the TTF font file to use to create the graphs. It is required
18 # if graphs is set to yes.
20 #graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf
23 # Especify the title for html page.
25 #title "Squid User Access Reports"
28 # Especify the font for html page.
30 #font_face Tahoma,Verdana,Arial
33 # Especify the header color
35 #header_color darkblue
38 # Especify the header bgcolor
40 #header_bgcolor blanchedalmond
43 # Especify the text font size
47 # TAG: header_font_size
48 # Especify the header font size
52 # TAG: title_font_size
53 # Especify the title font size
57 # TAG: background_color
58 # TAG: background_color
59 # Html page background color
61 # background_color white
64 # Html page text color
69 # Html page text background color
71 #text_bgcolor lavender
74 # Html page title color
84 # Html page logo text.
88 # TAG: logo_text_color
89 # Html page logo texti color.
91 #logo_text_color #000000
93 # TAG: logo_image_size
94 # Html page logo image size.
99 # TAG: background_image
100 # Html page background image
102 #background_image none
105 # User password file used by Squid authentication scheme
106 # If used, generate reports just for that users.
111 # Temporary directory name for work files
117 # The reports will be saved in that directory
120 #output_dir /var/www/html/squid-reports
122 # TAG: anonymous_output_files yes/no
123 # Use anonymous file and directory names in the report. If it is set to
124 # no (the default), the user id/ip/name is slightly mangled to create a
125 # suitable file name to store the report of the user but the user's
126 # identity can easily be guessed from the mangled name. If this option is
127 # set, any file or directory belonging to the user is replaced by a short
128 # number. The purpose is to hide the identity of the user when looking
129 # at the report file names but it may serve to shorten the path too.
131 #anonymous_output_files no
134 # Email address to send the reports. If you use this tag, no html reports will be generated.
139 # TAG: resolve_ip modulelist
140 # List the modules to use to convert IP addresses into names.
141 # Each named module is tried in sequence until one returns a result. Therefore
142 # the order of the modules is relevant.
143 # The modules must be listed on one line each separated from the previous one with
146 # The possible modules are
149 # For compatibility with previous versions, yes is a synonymous for dns and
151 # sarg -n forces the use of the dns module.
154 # TAG: user_ip yes/no
155 # Use Ip Address instead userid in reports.
159 # TAG: topuser_sort_field field normal/reverse
160 # Sort field for the Topuser Report.
161 # Allowed fields: USER CONNECT BYTES TIME
163 #topuser_sort_field BYTES reverse
165 # TAG: user_sort_field field normal/reverse
166 # Sort field for the User Report.
167 # Allowed fields: SITE CONNECT BYTES TIME
169 #user_sort_field BYTES reverse
171 # TAG: exclude_users file
172 # users within the file will be excluded from reports.
173 # you can use indexonly to have only index.html file.
177 # TAG: exclude_hosts file
178 # Hosts, domains or subnets will be excluded from reports.
180 # Eg.: 192.168.10.10 - exclude ip address only
181 # 192.168.10.0/24 - exclude full C class
182 # s1.acme.foo - exclude hostname only
183 # *.acme.foo - exclude full domain name
187 # TAG: useragent_log file
188 # useragent.log file patch to generate useragent report.
193 # Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww)
197 # TAG: per_user_limit file MB
198 # Saves userid on file if download exceed n MB.
199 # This option allow you to disable user access if user exceed a download limit.
204 # How many reports files must be keept in reports directory.
205 # The oldest report file will be automatically removed.
210 # TAG: remove_temp_files yes
211 # Remove temporary files: geral, usuarios, top, periodo from root report directory.
213 #remove_temp_files yes
215 # TAG: index yes|no|only
216 # Generate the main index.html.
217 # only - generate only the main index.html
221 # TAG: index_tree date|file
222 # How to generate the index.
227 # The columns to show in the index of the reports
228 # Columns are: dirsize
230 #index_fields dirsize
232 # TAG: overwrite_report yes|no
233 # yes - if report date already exist then will be overwrited.
234 # no - if report date already exist then will be renamed to filename.n, filename.n+1
238 # TAG: records_without_userid ignore|ip|everybody
239 # What can I do with records without user id (no authentication) in access.log file ?
241 # ignore - This record will be ignored.
242 # ip - Use ip address instead. (default)
243 # everybody - Use "everybody" instead.
245 #records_without_userid ip
247 # TAG: use_comma no|yes
248 # Use comma instead point in reports.
249 # Eg.: use_comma yes => 23,450,110
250 # use_comma no => 23.450.110
255 # Mail command to use to send reports via SMTP. Sarg calls it like this:
256 # mail_utility -s "SARG report, date" "output_email" <"mail_content"
258 # Therefore, it is possible to add more arguments to the command by specifying them
261 # If you need too, you can use a shell script to process the content of /dev/stdin
262 # (/dev/stdin is the mail_content passed by sarg to the script) and call whatever
263 # command you like. It is not limited to mailing the report via SMTP.
265 # Don't forget to quote the command if necessary (i.e. if the path contains
266 # characters that must be quoted).
270 # TAG: topsites_num n
271 # How many sites in topsites report.
275 # TAG: topsites_sort_order CONNECT|BYTES|TIME A|D
276 # Sort for topsites report, where A=Ascendent, D=Descendent
278 #topsites_sort_order CONNECT D
280 # TAG: index_sort_order A/D
281 # Sort for index.html, where A=Ascendent, D=Descendent
285 # TAG: exclude_codes file
286 # Ignore records with these codes. Eg.: NONE/400
287 # Write one code per line. Lines starting with a # are ignored.
288 # Only codes matching exactly one of the line is rejected. The
289 # comparison is not case sensitive.
291 #exclude_codes /usr/local/sarg/exclude_codes
293 # TAG: replace_index string
294 # Replace "index.html" in the main index file with this string
295 # If null "index.html" is used
297 #replace_index <?php echo str_replace(".", "_", $REMOTE_ADDR); echo ".html"; ?>
299 # TAG: max_elapsed milliseconds
300 # If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time.
301 # Use 0 for no checking
303 #max_elapsed 28800000
306 # TAG: report_type type
307 # What kind of reports to generate.
308 # topusers - users, sites, times, bytes, connects, links to accessed sites, etc
309 # topsites - site, connect and bytes report
310 # sites_users - users and sites report
311 # users_sites - accessed sites by the user report
312 # date_time - bytes used per day and hour report
313 # denied - denied sites with full URL report
314 # auth_failures - autentication failures report
315 # site_user_time_date - sites, dates, times and bytes report
316 # downloads - downloads per user report
318 # Eg.: report_type topsites denied
320 #report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
322 # TAG: usertab filename
323 # You can change the "userid" or the "ip address" to be a real user name on the reports.
324 # If resolve_ip is active, the ip address is resolved before being looked up into this
325 # file. That is, if you want to map the ip address, be sure to set resolv_ip to no or
326 # the resolved name will be looked into the file instead of the ip address. Note that
327 # it can be used to resolve any ip address known to the dns and then map the unresolved
328 # ip addresses to a name found in the usertab file.
330 # userid name or ip address name
332 # SirIsaac Isaac Newton
333 # vinci Leonardo da Vinci
334 # 192.168.10.1 Karol Wojtyla
336 # Each line must be terminated with '\n'
337 # If usertab have value "ldap" (case ignoring), user names
338 # will be taken from LDAP server. This method as approaches for reception
339 # of usernames from Active Didectory
343 # TAG: LDAPHost hostname
344 # FQDN or IP address of host with LDAP service or AD DC
345 # default is '127.0.0.1'
349 # LDAP service port number
353 # TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
354 # DN of LDAP user, who is authorized to read user's names from LDAP base
355 # default is empty line
356 #LDAPBindDN cn=proxy,dc=mydomain,dc=local
358 # TAG: LDAPBindPW secret
359 # Password of DN, who is authorized to read user's names from LDAP base
360 # default is empty line
363 # TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
365 # default is empty line
366 #LDAPBaseSearch ou=users,dc=mydomain,dc=local
368 # TAG: LDAPFilterSearch (uid=%s)
369 # User search filter by user's logins in LDAP
370 # First founded record will be used
371 # %s - will be changed to userlogins from access.log file
372 # filter string can have up to 5 '%s' tags
373 # default value is '(uid=%s)'
374 #LDAPFilterSearch (uid=%s)
376 # TAG: LDAPTargetAttr attributename
377 # Name of the attribute containing a name of the user
378 # default value is 'cn'
381 # TAG: long_url yes|no
382 # If yes, the full url is showed in report.
383 # If no, only the site will be showed
385 # YES option generate very big sort files and reports.
389 # TAG: date_time_by bytes|elap
390 # Date/Time reports show the downloaded volume or the elapsed time or both.
395 # ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
396 # graphic character sets for writing in alphabetic languages
397 # You can use the following charsets:
398 # Latin1 - West European
399 # Latin2 - East European
400 # Latin3 - South European
401 # Latin4 - North European
415 # TAG: user_invalid_char "&/"
416 # Records that contain invalid characters in userid will be ignored by Sarg.
418 #user_invalid_char "&/"
420 # TAG: privacy yes|no
421 # privacy_string "***.***.***.***"
422 # privacy_string_color blue
423 # In some countries the sysadm cannot see the visited sites by a restrictive law.
424 # Using privacy yes the visited url will be changes by privacy_string and the link
425 # will be removed from reports.
428 #privacy_string "***.***.***.***"
429 #privacy_string_color blue
431 # TAG: include_users "user1:user2:...:usern"
432 # Reports will be generated only for listed users.
436 # TAG: exclude_string "string1:string2:...:stringn"
437 # Records from access.log file that contain one of listed strings will be ignored.
441 # TAG: show_successful_message yes|no
442 # Shows "Successful report generated on dir" at end of process.
444 #show_successful_message yes
446 # TAG: show_read_statistics yes|no
447 # Shows some reading statistics.
449 #show_read_statistics yes
451 # TAG: topuser_fields
452 # Which fields must be in Topuser report.
454 #topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
456 # TAG: user_report_fields
457 # Which fields must be in User report.
459 #user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
461 # TAG: bytes_in_sites_users_report yes|no
462 # Bytes field must be in Site & Users Report ?
464 #bytes_in_sites_users_report no
467 # How many users in topsites report. 0 = no limit
472 # Save the report results in a file to populate some database
476 # TAG: datafile_delimiter ";"
477 # ascii character to use as a field separator in datafile
479 #datafile_delimiter ";"
481 # TAG: datafile_fields all
482 # Which data fields must be in datafile
483 # user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
485 #datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
487 # TAG: datafile_url ip|name
488 # Saves the URL as ip or name in datafile
493 # The weekdays to take into account ( Sunday->0, Saturday->6 )
500 # The hours to take into account
502 #hours 7-12,14,16,18-20
506 # TAG: dansguardian_conf file
507 # DansGuardian.conf file path
508 # Generate reports from DansGuardian logs.
509 # Use 'none' to disable it.
510 # dansguardian_conf /usr/dansguardian/dansguardian.conf
512 #dansguardian_conf none
514 # TAG: dansguardian_filter_out_date on|off
515 # This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action.
516 # Note the change of parameter value compared with the old option.
517 # 'off' use the record even if its date is outside of the range found in the input log file.
518 # 'on' use the record only if its date is in the range found in the input log file.
520 #dansguardian_filter_out_date on
522 # TAG: squidguard_conf file
523 # path to squidGuard.conf file
524 # Generate reports from SquidGuard logs.
525 # Use 'none' to disable.
526 # You can use sarg -L filename to use an alternate squidGuard log.
527 # squidguard_conf /usr/local/squidGuard/squidGuard.conf
529 #squidguard_conf none
531 # TAG: redirector_log file
532 # the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option
533 # may be repeated up to 64 times to read multiple files.
534 # If this option is specified, it takes precedence over squidguard_conf.
535 # The command line option -L override this option.
537 #redirector_log /usr/local/squidGuard/var/logs/urls.log
539 # TAG: redirector_filter_out_date on|off
540 # This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not
541 # appropriate with respect to their action.
542 # Note the change of parameter value compared with the old options.
543 # 'off' use the record even if its date is outside of the range found in the input log file.
544 # 'on' use the record only if its date is in the range found in the input log file.
546 #redirector_filter_out_date on
548 # TAG: redirector_log_format
549 # Format string for web proxy redirector logs.
550 # This option was named squidguard_log_format before sarg 2.3.
551 # REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
552 # SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end#
553 #redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end#
555 # TAG: show_sarg_info yes|no
556 # shows sarg information and site path on each report bottom
560 # TAG: show_sarg_logo yes|no
565 # TAG: parsed_output_log directory
566 # Saves the processed log in a sarg format after parsing the squid log file.
567 # This is a way to dump all of the data structures out, after parsing from
568 # the logs (presumably this data will be much smaller than the log files themselves),
569 # and pull them back in for later processing and merging with data from previous logs.
571 #parsed_output_log none
573 # TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
574 # Command to run to compress sarg parsed output log. It may contain
575 # options (such as -f to overwrite existing target file). The name of
576 # the file to compresse is provided at the end of this
577 # command line. Don't forget to quote things appropriately.
579 #parsed_output_log_compress /bin/gzip
581 # TAG: displayed_values bytes|abbreviation
582 # how the values will be displayed in reports.
583 # eg. bytes - 209.526
584 # abbreviation - 210K
586 #displayed_values bytes
589 # TAG: authfail_report_limit n
590 # TAG: denied_report_limit n
591 # TAG: siteusers_report_limit n
592 # TAG: squidguard_report_limit n
593 # TAG: user_report_limit n
594 # TAG: dansguardian_report_limit n
595 # TAG: download_report_limit n
596 # report limits (lines).
599 #authfail_report_limit 10
600 #denied_report_limit 10
601 #siteusers_report_limit 0
602 #squidguard_report_limit 10
603 #dansguardian_report_limit 10
604 #user_report_limit 10
605 #user_report_limit 50
607 # TAG: www_document_root dir
608 # Where is your Web DocumentRoot
609 # Sarg will create sarg-php directory with some PHP modules:
610 # - sarg-squidguard-block.php - add urls from user reports to squidGuard DB
612 #www_document_root /var/www/html
614 # TAG: block_it module_url
615 # This tag allow you to pass urls from user reports to a cgi or php module,
616 # to be blocked by some Squid acl
618 # Eg.: block_it /sarg-php/sarg-block-it.php
619 # sarg-block-it is a php that will append a url to a flat file.
620 # You must change /var/www/html/sarg-php/sarg-block-it to point to your file
621 # in $filename variable, and chown to a httpd owner.
623 # sarg will pass http://module_url?url=url
627 # TAG: external_css_file path
628 # Provide the path to an external css file to link into the HTML reports instead of
629 # the inline css written by sarg when this option is not set.
631 # In versions prior to 2.3, this used to be an absolute file name to
632 # a file to include verbatim in each HTML page but, as it takes a lot of
633 # space, version 2.3 switched to a link to an external css file.
634 # Therefore, this option must contain the HTTP server path on which a client
635 # browser may find the css file.
637 # Sarg use theses style classes:
639 # .info sarg information class, align=center
640 # .title_c title class, align=center
641 # .header_c header class, align:center
642 # .header_l header class, align:left
643 # .header_r header class, align:right
644 # .text text class, align:right
645 # .data table text class, align:right
646 # .data2 table text class, align:left
647 # .data3 table text class, align:center
650 # Sarg can be instructed to output the internal css it inline
651 # into the reports with this command:
655 # You can redirect the output to a file of your choice and edit
658 #external_css_file none
660 # TAG: user_authentication yes|no
661 # Allow user authentication in User Reports using .htaccess
663 # AuthUserTemplateFile - The template to use to create the
664 # .htaccess file. In the template, %u is replaced by the
665 # user's ID for which the report is generated. The path of the
666 # template is relative to the directory containing sarg
667 # configuration file.
669 # user_authentication no
670 # AuthUserTemplateFile sarg_htaccess
672 # TAG: download_suffix "suffix,suffix,...,suffix"
673 # file suffix to be considered as "download" in Download report.
674 # Use 'none' to disable.
676 #download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
679 # The maximum number of open file descriptors to avoid "Too many open files" error message.
680 # You need to run sarg as root to use ulimit tag.
681 # If you run sarg with a low privilege user, set to 'none' to disable ulimit
685 # TAG: ntlm_user_format username|domainname+username
688 #ntlm_user_format domainname+username
690 # TAG: realtime_refresh_time num sec
691 # How many time to auto refresh the realtime report
694 # realtime_refresh_time 3
696 # TAG: realtime_access_log_lines num
697 # How many last lines to get from access.log file
699 # realtime_access_log_lines 1000
701 # TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST
702 # Which records must be in realtime report.
704 # realtime_types GET,PUT,CONNECT
706 # TAG: realtime_unauthenticated_records: ignore|show
707 # What to do with unauthenticated records in realtime report.
709 # realtime_unauthenticated_records: show
711 # TAG: byte_cost value no_cost_limit
713 # Eg. byte_cost 0.01 100000000
714 # per byte cost = 0.01
715 # bytes with no cost = 100 Mb
718 # byte_cost 0.01 50000000
720 # TAG: squid24 on|off
721 # Compatilibity with squid version <= 2.4 when using emulate_http_log on
725 # TAG: sorttable path
726 # The path to a javascript script to dynamically sort the tables.
727 # The path is the link a browser must follow to find the script. For instance,
728 # it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script
729 # is at the root of your web site.
731 # If the path starts with "../" then it is assumed to be a relative
732 # path and sarg adds as many "../" as necessary to locate the js script from
733 # the output directory. Therefore, ../../sorttable.js links to the javascript
734 # one level above output_dir.
736 # If this entry is set, each sortable table will have the "sortable" class set.
737 # You may have a look at http://www.kryogenix.org/code/browser/sorttable/
738 # for the implementation on which sarg is based.
740 # sorttable /sorttable.js
743 # The name of a text file containing the host names one per line and the
744 # optional alias to use in the report instead of that host name.
745 # Host names may contain up to one wildcard denoted by a *. The wildcard
746 # must not end the host name.
747 # The host name may be followed by an optional alias but if no alias is
748 # provided, the host name, including the wildcard, replaces any matching
749 # host name found in the log.
750 # Host names replaced by identical aliases are grouped together in the
752 # IP addresses are supported and accept the CIDR notation both for IPv4 and
754 # Regular expressions can also be used if sarg was compiled with libpcre.
755 # A regular expression is formated as re:/regexp/ alias
756 # The regexp is a perl regular expression (see man perlre).
757 # Subpatterns are allowed in the alias. Sarg recognizes sed (\1) or perl ($1)
758 # subpatterns. Only 9 subpatterns are allowed in the replacement string.
763 # *.myphone.microsoft.com
764 # *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure
765 # *.freeav.net antivirus:freeav
767 # 65.52.00.00/14 *.mail.live.com
768 # re:/\.dropbox\.com(:443)?/ dropbox
769 # re:/([\w-]+)\.(\w*[a-zA-Z]\w*)(?::\d+)?$/\1.\2
770 #hostalias /usr/local/sarg/hostalias