I recently setup SARG to provide Proxy reporting. This has proven to be a beneficial reporting tool. The notes that follow are specific to a Debian installation. I would normally have used apt-get or .deb file, but there were problems with ver. 2.2.5 which is the only version available from Debian. I have since chosen to use the source for ver. 2.2.6
NOTES:
Ensure that Dansguardian (dansguardian.conf) is logging in squid format, otherwise you will not be able to use the dansguardian access.log
I am installing from source with the following:
1) For Debian installation, I found you must change the version of
gcc from 4.1 to 4.3 otherwise you will get an error when running the
./configure. I searched and found someone with the a similar error
trying to install on centos. There maybe a better answer, but this
was my solution.
For systems running vmware, this most likely needs to be changed back once SARG is installed.
2) ./configure --bindir=/usr/bin --enable-htmldir=/var/www/ --sysconfdir=/etc
3) Configure SARG. The configuration below was a good starting point. The configuration file has many other configuration options as well as good documentation of the various settings.
Ensure that Dansguardian (dansguardian.conf) is logging in squid format, otherwise you will not be able to use the dansguardian access.log
I am installing from source with the following:
1) For Debian installation, I found you must change the version of
gcc from 4.1 to 4.3 otherwise you will get an error when running the
./configure. I searched and found someone with the a similar error
trying to install on centos. There maybe a better answer, but this
was my solution.
cd /usr/bin
rm gcc
ln -s gcc-4.3 gcc
For systems running vmware, this most likely needs to be changed back once SARG is installed.
2) ./configure --bindir=/usr/bin --enable-htmldir=/var/www/ --sysconfdir=/etc
3) Configure SARG. The configuration below was a good starting point. The configuration file has many other configuration options as well as good documentation of the various settings.
vi /etc/sarg.conf
access_log /var/log/dansguardian/access.log
graphs yes
graph_days_bytes_bar_color orange
title "Your Company Name - Proxy User Access Reports"
output_dir /var/www/squid-reports
user_ip yes
date_format u
index yes
index_tree file
overwrite_report no
topsites_num 100
report_type topusers topsites sites_users users_sites date_time denied
auth_failures site_user_time_date downloads
long_url yes
show_successful_message yes
show_read_statistics yes
topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT
USED_TIME MILISEC %TIME TOTAL AVERAGE
user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC
%TIME TOTAL AVERAGE
show_sarg_info no
www_document_root /var/www/
4) Simply run "/usr/bin/sarg" or cron it to generate the report @
/var/www/squid-reports/