From f676bf571dcac87e637bebf01cea634c53ffc0f3 Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Tue, 27 Mar 2012 03:50:17 -0300 Subject: sarg - first files --- config/sarg/sarg.template | 793 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 793 insertions(+) create mode 100644 config/sarg/sarg.template (limited to 'config/sarg/sarg.template') diff --git a/config/sarg/sarg.template b/config/sarg/sarg.template new file mode 100644 index 00000000..560d0c10 --- /dev/null +++ b/config/sarg/sarg.template @@ -0,0 +1,793 @@ + 23,450,110 +# use_comma no => 23.450.110 +# +use_comma {$use_comma} + +# TAG: mail_utility +# Mail command to use to send reports via SMTP. Sarg calls it like this: +# mail_utility -s "SARG report, date" "output_email" <"mail_content" +# +# Therefore, it is possible to add more arguments to the command by specifying them +# here. +# +# If you need too, you can use a shell script to process the content of /dev/stdin +# (/dev/stdin is the mail_content passed by sarg to the script) and call whatever +# command you like. It is not limited to mailing the report via SMTP. +# +# Don't forget to quote the command if necessary (i.e. if the path contains +# characters that must be quoted). +# +#mail_utility mailx + +# TAG: topsites_num n +# How many sites in topsites report. +# +#topsites_num 100 + +# TAG: topsites_sort_order CONNECT|BYTES|TIME A|D +# Sort for topsites report, where A=Ascendent, D=Descendent +# +#topsites_sort_order CONNECT D + +# TAG: index_sort_order A/D +# Sort for index.html, where A=Ascendent, D=Descendent +# +#index_sort_order D + +# TAG: exclude_codes file +# Ignore records with these codes. Eg.: NONE/400 +# Write one code per line. Lines starting with a # are ignored. +# Only codes matching exactly one of the line is rejected. The +# comparison is not case sensitive. +# +#exclude_codes /usr/local/sarg/exclude_codes + +# TAG: replace_index string +# Replace "index.html" in the main index file with this string +# If null "index.html" is used +# +#replace_index + +# TAG: max_elapsed milliseconds +# If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time. +# Use 0 for no checking +# +#max_elapsed 28800000 +# 8 Hours + +# TAG: report_type type +# What kind of reports to generate. +# topusers - users, sites, times, bytes, connects, links to accessed sites, etc +# topsites - site, connect and bytes report +# sites_users - users and sites report +# users_sites - accessed sites by the user report +# date_time - bytes used per day and hour report +# denied - denied sites with full URL report +# auth_failures - autentication failures report +# site_user_time_date - sites, dates, times and bytes report +# downloads - downloads per user report +# +# Eg.: report_type topsites denied +# +#report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads +report_type {$report_type} + +# TAG: usertab filename +# You can change the "userid" or the "ip address" to be a real user name on the reports. +# If resolve_ip is active, the ip address is resolved before being looked up into this +# file. That is, if you want to map the ip address, be sure to set resolv_ip to no or +# the resolved name will be looked into the file instead of the ip address. Note that +# it can be used to resolve any ip address known to the dns and then map the unresolved +# ip addresses to a name found in the usertab file. +# Table syntax: +# userid name or ip address name +# Eg: +# SirIsaac Isaac Newton +# vinci Leonardo da Vinci +# 192.168.10.1 Karol Wojtyla +# +# Each line must be terminated with '\ n' +# If usertab have value "ldap" (case ignoring), user names +# will be taken from LDAP server. This method as approaches for reception +# of usernames from Active Didectory +# +#usertab none +usertab {$usertab} + +# TAG: LDAPHost hostname +# FQDN or IP address of host with LDAP service or AD DC +# default is '127.0.0.1' +#LDAPHost 127.0.0.1 + +# TAG: LDAPPort port +# LDAP service port number +# default is '389' +#LDAPPort 389 + +# TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com +# DN of LDAP user, who is authorized to read user's names from LDAP base +# default is empty line +#LDAPBindDN cn=proxy,dc=mydomain,dc=local + +# TAG: LDAPBindPW secret +# Password of DN, who is authorized to read user's names from LDAP base +# default is empty line +#LDAPBindPW secret + +# TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com +# LDAP search base +# default is empty line +#LDAPBaseSearch ou=users,dc=mydomain,dc=local + +# TAG: LDAPFilterSearch (uid=%s) +# User search filter by user's logins in LDAP +# First founded record will be used +# %s - will be changed to userlogins from access.log file +# filter string can have up to 5 '%s' tags +# default value is '(uid=%s)' +#LDAPFilterSearch (uid=%s) + +# TAG: LDAPTargetAttr attributename +# Name of the attribute containing a name of the user +# default value is 'cn' +#LDAPTargetAttr cn + +# TAG: long_url yes|no +# If yes, the full url is showed in report. +# If no, only the site will be showed +# +# YES option generate very big sort files and reports. +# +long_url {$long_url} + +# TAG: date_time_by bytes|elap +# Date/Time reports show the downloaded volume or the elapsed time or both. +# +#date_time_by bytes + +# TAG: charset name +# ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit) +# graphic character sets for writing in alphabetic languages +# You can use the following charsets: +# Latin1 - West European +# Latin2 - East European +# Latin3 - South European +# Latin4 - North European +# Cyrillic +# Arabic +# Greek +# Hebrew +# Latin5 - Turkish +# Latin6 +# Windows-1251 +# Japan +# Koi8-r +# UTF-8 +# +#charset Latin1 +charset UTF-8 +# TAG: user_invalid_char "&/" +# Records that contain invalid characters in userid will be ignored by Sarg. +# +#user_invalid_char "&/" + +# TAG: privacy yes|no +# privacy_string "***.***.***.***" +# privacy_string_color blue +# In some countries the sysadm cannot see the visited sites by a restrictive law. +# Using privacy yes the visited url will be changes by privacy_string and the link +# will be removed from reports. +# +privacy {$privacy} +#privacy_string "***.***.***.***" +#privacy_string_color blue + +# TAG: include_users "user1:user2:...:usern" +# Reports will be generated only for listed users. +# +#include_users none +{$include_users} + +# TAG: exclude_string "string1:string2:...:stringn" +# Records from access.log file that contain one of listed strings will be ignored. +# +#exclude_string none + +# TAG: show_successful_message yes|no +# Shows "Successful report generated on dir" at end of process. +# +#show_successful_message yes + +# TAG: show_read_statistics yes|no +# Shows some reading statistics. +# +#show_read_statistics yes + +# TAG: topuser_fields +# Which fields must be in Topuser report. +# +#topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE + +# TAG: user_report_fields +# Which fields must be in User report. +# +#user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE + +# TAG: bytes_in_sites_users_report yes|no +# Bytes field must be in Site & Users Report ? +# +#bytes_in_sites_users_report no + +# TAG: topuser_num n +# How many users in topsites report. 0 = no limit +# +#topuser_num 0 + +# TAG: datafile file +# Save the report results in a file to populate some database +# +#datafile none + +# TAG: datafile_delimiter " " +# ascii character to use as a field separator in datafile +# +#datafile_delimiter "" +{$datafile_delimiter} +# TAG: datafile_fields all +# Which data fields must be in datafile +# user;date;time;url;connect;bytes;in_cache;out_cache;elapsed +# +#datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed +{$datafile_fields} + +# TAG: datafile_url ip|name +# Saves the URL as ip or name in datafile +# +#datafile_url ip + +# TAG: weekdays +# The weekdays to take into account ( Sunday->0, Saturday->6 ) +# Example: +#weekdays 1-3,5 +# Default: +#weekdays 0-6 + +# TAG: hours +# The hours to take into account +# Example: +#hours 7-12,14,16,18-20 +# Default: +#hours 0-23 + +# TAG: dansguardian_conf file +# DansGuardian.conf file path +# Generate reports from DansGuardian logs. +# Use 'none' to disable it. +# dansguardian_conf /usr/dansguardian/dansguardian.conf +# +dansguardian_conf {$dansguardian_conf} + +# TAG: dansguardian_filter_out_date on|off +# This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action. +# Note the change of parameter value compared with the old option. +# 'off' use the record even if its date is outside of the range found in the input log file. +# 'on' use the record only if its date is in the range found in the input log file. +# +${dansguardian_filter_out_date} + +# TAG: squidguard_conf file +# path to squidGuard.conf file +# Generate reports from SquidGuard logs. +# Use 'none' to disable. +# You can use sarg -L filename to use an alternate squidGuard log. +# squidguard_conf /usr/local/squidGuard/squidGuard.conf +# +squidguard_conf {$squidguard_conf} + +# TAG: redirector_log file +# the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option +# may be repeated up to 64 times to read multiple files. +# If this option is specified, it takes precedence over squidguard_conf. +# The command line option -L override this option. +# +#redirector_log /usr/local/squidGuard/var/logs/urls.log + +# TAG: redirector_filter_out_date on|off +# This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not +# appropriate with respect to their action. +# Note the change of parameter value compared with the old options. +# 'off' use the record even if its date is outside of the range found in the input log file. +# 'on' use the record only if its date is in the range found in the input log file. +# +#redirector_filter_out_date on + +# TAG: redirector_log_format +# Format string for web proxy redirector logs. +# This option was named squidguard_log_format before sarg 2.3. +# REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end# +# SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end# +#redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end# + +# TAG: show_sarg_info yes|no +# shows sarg information and site path on each report bottom +# +#show_sarg_info yes + +# TAG: show_sarg_logo yes|no +# shows sarg logo +# +#show_sarg_logo yes + +# TAG: parsed_output_log directory +# Saves the processed log in a sarg format after parsing the squid log file. +# This is a way to dump all of the data structures out, after parsing from +# the logs (presumably this data will be much smaller than the log files themselves), +# and pull them back in for later processing and merging with data from previous logs. +# +#parsed_output_log none + +# TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress +# Command to run to compress sarg parsed output log. It may contain +# options (such as -f to overwrite existing target file). The name of +# the file to compresse is provided at the end of this +# command line. Don't forget to quote things appropriately. +# +#parsed_output_log_compress /bin/gzip + +# TAG: displayed_values bytes|abbreviation +# how the values will be displayed in reports. +# eg. bytes - 209.526 +# abbreviation - 210K +# +#displayed_values bytes + +# Report limits +# TAG: authfail_report_limit n +# TAG: denied_report_limit n +# TAG: siteusers_report_limit n +# TAG: squidguard_report_limit n +# TAG: user_report_limit n +# TAG: dansguardian_report_limit n +# TAG: download_report_limit n +# report limits (lines). +# '0' no limit +# +#authfail_report_limit 10 +#denied_report_limit 10 +#siteusers_report_limit 0 +#squidguard_report_limit 10 +#dansguardian_report_limit 10 +#user_report_limit 10 +#user_report_limit 50 + +# TAG: www_document_root dir +# Where is your Web DocumentRoot +# Sarg will create sarg-php directory with some PHP modules: +# - sarg-squidguard-block.php - add urls from user reports to squidGuard DB +# +#www_document_root /var/www/html +www_document_root /usr/local/www + +# TAG: block_it module_url +# This tag allow you to pass urls from user reports to a cgi or php module, +# to be blocked by some Squid acl +# +# Eg.: block_it /sarg-php/sarg-block-it.php +# sarg-block-it is a php that will append a url to a flat file. +# You must change /var/www/html/sarg-php/sarg-block-it to point to your file +# in $filename variable, and chown to a httpd owner. +# +# sarg will pass http://module_url?url=url +# +#block_it none + +# TAG: external_css_file path +# Provide the path to an external css file to link into the HTML reports instead of +# the inline css written by sarg when this option is not set. +# +# In versions prior to 2.3, this used to be an absolute file name to +# a file to include verbatim in each HTML page but, as it takes a lot of +# space, version 2.3 switched to a link to an external css file. +# Therefore, this option must contain the HTTP server path on which a client +# browser may find the css file. +# +# Sarg use theses style classes: +# .logo logo class +# .info sarg information class, align=center +# .title_c title class, align=center +# .header_c header class, align:center +# .header_l header class, align:left +# .header_r header class, align:right +# .text text class, align:right +# .data table text class, align:right +# .data2 table text class, align:left +# .data3 table text class, align:center +# .link link class +# +# Sarg can be instructed to output the internal css it inline +# into the reports with this command: +# +# sarg --css +# +# You can redirect the output to a file of your choice and edit +# it to your liking. +# +#external_css_file none + +# TAG: user_authentication yes|no +# Allow user authentication in User Reports using .htaccess +# Parameters: +# AuthUserTemplateFile - The template to use to create the +# .htaccess file. In the template, %u is replaced by the +# user's ID for which the report is generated. The path of the +# template is relative to the directory containing sarg +# configuration file. +# +# user_authentication no +# AuthUserTemplateFile sarg_htaccess + +# TAG: download_suffix "suffix,suffix,...,suffix" +# file suffix to be considered as "download" in Download report. +# Use 'none' to disable. +# +#download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg" + +# TAG: ulimit n +# The maximum number of open file descriptors to avoid "Too many open files" error message. +# You need to run sarg as root to use ulimit tag. +# If you run sarg with a low privilege user, set to 'none' to disable ulimit +# +#ulimit 20000 + +# TAG: ntlm_user_format username|domainname+username +# NTLM users format. +# +#ntlm_user_format domainname+username + +# TAG: realtime_refresh_time num sec +# How many time to auto refresh the realtime report +# 0 = disable +# +realtime_refresh_time 0 + +# TAG: realtime_access_log_lines num +# How many last lines to get from access.log file +# +# realtime_access_log_lines 1000 + +# TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST +# Which records must be in realtime report. +# +realtime_types GET,PUT,CONNECT + +# TAG: realtime_unauthenticated_records: ignore|show +# What to do with unauthenticated records in realtime report. +# +# +realtime_unauthenticated_records show + +# TAG: byte_cost value no_cost_limit +# Cost per byte. +# Eg. byte_cost 0.01 100000000 +# per byte cost = 0.01 +# bytes with no cost = 100 Mb +# 0 = disable +# +# byte_cost 0.01 50000000 + +# TAG: squid24 on|off +# Compatilibity with squid version <= 2.4 when using emulate_http_log on +# +# squid24 off + +# TAG: sorttable path +# The path to a javascript script to dynamically sort the tables. +# The path is the link a browser must follow to find the script. For instance, +# it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script +# is at the root of your web site. +# +# If the path starts with "../" then it is assumed to be a relative +# path and sarg adds as many "../" as necessary to locate the js script from +# the output directory. Therefore, ../../sorttable.js links to the javascript +# one level above output_dir. +# +# If this entry is set, each sortable table will have the "sortable" class set. +# You may have a look at http://www.kryogenix.org/code/browser/sorttable/ +# for the implementation on which sarg is based. +# +# sorttable /sorttable.js + +# TAG: hostalias +# The name of a text file containing the host names one per line and the +# optional alias to use in the report instead of that host name. +# Host names may contain up to one wildcard denoted by a *. The wildcard +# must not end the host name. +# The host name may be followed by an optional alias but if no alias is +# provided, the host name, including the wildcard, replaces any matching +# host name found in the log. +# Host names replaced by identical aliases are grouped together in the +# reports. +# IP addresses are supported and accept the CIDR notation both for IPv4 and +# IPv6 addresses. +# +# Example: +# *.gstatic.com +# mt*.google.com +# *.myphone.microsoft.com +# *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure +# *.freeav.net antivirus:freeav +# *.mail.live.com +# 65.52.00.00/14 *.mail.live.com +#hostalias /usr/local/sarg/hostalias +EOF; +?> -- cgit v1.2.3