Unknown Unknown Author
Title: SARG Report Generator :: Squid Log Analysis
Author: Unknown
Rating 5 of 5 Des:
  SARG is a Open Source Tool, FREE and under GPL , It creates Squid Log Reports in HTML formats, looks beautiful, Variety of option...


SARG is a Open Source Tool, FREE and under GPL , It creates Squid Log Reports in HTML formats, looks beautiful, Variety of option given in the tool for Daily, Weekly, Monthly Report . helps us to view how much bandwidth is utilized by individual machines on the network.

This article is tested on centOS 5.4

Step by step Installation of SARG

Step 1:  Install required packages # yum install –y gcc
# yum install –y gd
# yum install –y gd-devel
# yum install –y make
# yum install –y perl-GD
# yum install –y wget
# yum install –y httpd

Step 2: Download and Install SARG
# wget http://garr.dl.sourceforge.net/project/sarg/sarg/sarg-2.3.7/sarg-2.3.7.tar.gz
# tar -xvzf sarg-2.3.7.tar.gz
# cd sarg-2.3.7
# ./configure
# make
# make install

Step3: Configure SARG
Edit Sarg Configuration File for Access Log Path,Output Directory,Date Format, Overwrite report for same date
# vi /usr/local/etc/sarg.conf
Search
#access_log /usr/local/squid/var/logs/access.log
Put actual log location
access_log /usr/local/squid/var/logs/access.log
un comment
output_dir /var/www/html/squid-reports
un comment date format, to view correct date format modify
#date_format u      <—–change this
date_format e
Note : ‘date_format e‘ will display reports in ‘dd/mm/yy‘ format.
Un comment
#overwrite_report no
overwrite_report yes  <–change this means report date already exist then will be overwritten
now save the config file, modification is over

Step 4: Generation Sarg Report
# sarg –x
SARG: Init
SARG: Loading configuration from /usr/local/etc/sarg.conf
SARG: Parameters:
SARG:           Hostname or IP address (-a) =
SARG:                   Useragent log (-b) =
SARG:                     Exclude file (-c) =
SARG:                 Date from-until (-d) =
SARG:   Email address to send reports (-e) =
SARG:                     Config file (-f) =  /usr/local/etc/sarg.conf
SARG:                     Date format (-g) =  Europe (dd/mm/yyyy)
SARG:                       IP report (-i) = No
SARG:             Keep temporary files (-k) = No
SARG:                        Input log (-l) = /var/log/squid/access.log
SARG:               Resolve IP Address (-n) = No
SARG:                       Output dir (-o) = /var/www/html/squid-reports/
SARG: Use Ip Address instead of userid (-p) = No
SARG:                  Accessed site (-s) =
SARG:                             Time (-t) =
SARG:                             User (-u) =
SARG:                   Temporary dir (-w) = /tmp/sarg
SARG:                   Debug messages (-x) = Yes
SARG:                 Process messages (-z) = No
SARG: Previous reports to keep (–lastlog) = 0
SARG:
SARG: sarg version: 2.3.7 May-30-2013
SARG: Reading access log file: /var/log/squid/access.log
SARG: Records in file: 624, reading: 100.00%
SARG:   Records read: 624, written: 624, excluded: 0
SARG: Squid log format
SARG: Period: 12 Jun 2015
SARG: Sorting log /tmp/sarg/192_168_0_155.user_unsort
SARG: Making file: /tmp/sarg/192_168_0_155
SARG: Sorting file: /tmp/sarg/192_168_0_155.utmp
SARG: Making report: 192.168.0.155
SARG: Making index.html
SARG: Successful report generated on /var/www/html/squid-reports/12Jun2015-12Jun2015
SARG: Purging temporary file sarg-general
SARG: End

Step 5: Assessing SARG Report
Sarg will generate reports in ‘/var/www/html/squid-reports directory, Which can be accessed from the web browser using the address.
http://192.168.0.65/squid-reports/

   Figure 1

 Figure 2 


 Figure 3



Step 6:  Scheduling for Generate SARG Report

# crontab –e
*/2   * * * * /usr/local/bin/sarg –x  

Above cron will generate report evry two hours, modify as per your need
That’s it  !!

About Author

Advertisement

Next
Newer Post
Previous
This is the last post.

Post a Comment

 
Top