Usually, it's pretty hard to analyze information from the squid log file. For example, I don't know how to analyze date or number of hits from /var/log/squid/access.log. If someone needs to analyze which websites are being accessed from the network, SARG may be a very good tool. SARG, or Squid Analysis Report Generator (http://sarg.sourceforge.net) analyzes the log, and generates a web based table where one can easily analyze proxy traffic.
Although SARG can be installed using YUM, I have faced problems with CentOS 6. So, I went for tarball installation instead. And believe, it's really easy unlike many tarball installtions.
So, let's start:
Time to modify the conf file
There are a lot of options, and it is always recommended to go through them. However, we'll be editing only the ones that we need.
Time for a test run
We have used to the "-x" parameter for to view detail information on the run (used for debugging). If all goes well, there should be a report generated at /var/www/html/squid-reports directory which can be accessed from the web browser using the address http://IP/squid-reports
 |
| Sarg in Browser |
Now, we'd be adding a scheduled task to run SARG at 02:30 everyday.
Troubleshooting
If there is problem viewing the SARG page, here are a few tips:
- Check whether the Firewall is blocking (iptables)
- Check if there is a file /etc/httpd/conf.d/sarg.conf. There is a line "allow from". Modify it to suit your needs.
- Verify that there is directory "/var/www/html/squid-reports"
0 comments:
Post a Comment