-
Notifications
You must be signed in to change notification settings - Fork 14
/
sarg.conf
802 lines (698 loc) · 25.2 KB
/
sarg.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
# sarg.conf
#
# TAG: access_log file
# Where is the access.log file
# sarg -l file
#
access_log /usr/local/squid/var/logs/access.log
# TAG: graphs yes|no
# Use graphics where is possible.
# graph_days_bytes_bar_color blue|green|yellow|orange|brown|red
#
graphs yes
graph_days_bytes_bar_color orange
# TAG: graph_font
# The full path to the TTF font file to use to create the graphs. It is required
# if graphs is set to yes.
#
graph_font /usr/share/fonts/dejavu/DejaVuSans.ttf
# TAG: title
# Especify the title for html page.
#
title "Squid User Access Reports By Ezio"
# TAG: font_face
# Especify the font for html page.
#
font_face Tahoma,Verdana,Arial
# TAG: header_color
# Especify the header color
#
header_color darkblue
# TAG: header_bgcolor
# Especify the header bgcolor
#
header_bgcolor blanchedalmond
# TAG: font_size
# Especify the text font size
#
font_size 9px
# TAG: header_font_size
# Especify the header font size
#
header_font_size 9px
# TAG: title_font_size
# Especify the title font size
#
title_font_size 11px
# TAG: background_color
# TAG: background_color
# Html page background color
#
background_color white
# TAG: text_color
# Html page text color
#
text_color #000000
# TAG: text_bgcolor
# Html page text background color
#
text_bgcolor lavender
# TAG: title_color
# Html page title color
#
title_color green
# TAG: logo_image
# Html page logo.
#
#logo_image none
# TAG: logo_text
# Html page logo text.
#
#logo_text ""
# TAG: logo_text_color
# Html page logo texti color.
#
#logo_text_color #000000
# TAG: logo_image_size
# Html page logo image size.
# width height
#
#image_size 80 45
# TAG: background_image
# Html page background image
#
#background_image none
# TAG: password
# User password file used by Squid authentication scheme
# If used, generate reports just for that users.
#
#password none
# TAG: temporary_dir
# Temporary directory name for work files
# sarg -w dir
#
temporary_dir /tmp
# TAG: output_dir
# The reports will be saved in that directory
# sarg -o dir
#
output_dir /usr/local/squid/report
# TAG: anonymous_output_files yes/no
# Use anonymous file and directory names in the report. If it is set to
# no (the default), the user id/ip/name is slightly mangled to create a
# suitable file name to store the report of the user but the user's
# identity can easily be guessed from the mangled name. If this option is
# set, any file or directory belonging to the user is replaced by a short
# number. The purpose is to hide the identity of the user when looking
# at the report file names but it may serve to shorten the path too.
#
anonymous_output_files no
# TAG: output_email
# Email address to send the reports. If you use this tag, no html reports will be generated.
# sarg -e email
#
#output_email none
# TAG: resolve_ip modulelist
# List the modules to use to convert IP addresses into names.
# Each named module is tried in sequence until one returns a result. Therefore
# the order of the modules is relevant.
# The modules must be listed on one line each separated from the previous one with
# a space.
#
# The possible modules are
# dns Use the DNS.
# exec Call an external program with the IP address as argument.
#
# For compatibility with previous versions, yes is a synonymous for dns and
# no does nothing.
# sarg -n forces the use of the dns module.
#resolve_ip no
# TAG: resolve_ip_exec command
# If resolve_ip selects the exec module, this is the command to run to
# resolve an IP address. The command must contain a placeholder where the
# IP address is inserted. The placeholder must be %IP in uppercases. The
# placeholder may be repeated multiple times if necessary.
#
# The command is expected to return the host name without frills on its
# standard output. If the command returns nothing, it is assumed that the
# command could not resolve the IP address and the next module in the
# chain is given a try with the same address.
#
# This option can only be used once. Therefore there is only one command
# available to resolve an IP address but the program can do anything it
# deems fit including attempting several strategies.
#
# Beware that running an external program is exceedingly slow. So you
# should try the DNS first and only call an external program if the DNS
# fails.
#resolve_ip_exec nmblookup -A %IP | sed -n -e 's/^ *\(.*\) *<00> - *B.*/\1/p'
# TAG: user_ip yes/no
# Use Ip Address instead userid in reports.
# sarg -p
#user_ip no
# TAG: topuser_sort_field field normal/reverse
# Sort field for the Topuser Report.
# Allowed fields: USER CONNECT BYTES TIME
#
topuser_sort_field BYTES reverse
# TAG: user_sort_field field normal/reverse
# Sort field for the User Report.
# Allowed fields: SITE CONNECT BYTES TIME
#
user_sort_field BYTES reverse
# TAG: exclude_users file
# users within the file will be excluded from reports.
# you can use indexonly to have only index.html file.
#
#exclude_users none
# TAG: exclude_hosts file
# Hosts, domains or subnets will be excluded from reports.
#
# Eg.: 192.168.10.10 - exclude ip address only
# 192.168.10.0/24 - exclude full C class
# s1.acme.foo - exclude hostname only
# *.acme.foo - exclude full domain name
#
#exclude_hosts none
# TAG: useragent_log file
# useragent.log file patch to generate useragent report.
#
#useragent_log none
# TAG: date_format
# Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww)
#
date_format u
# TAG: per_user_limit file MB
# Saves userid on file if download exceed n MB.
# This option allow you to disable user access if user exceed a download limit.
#
#per_user_limit none
# TAG: lastlog n
# How many reports files must be keept in reports directory.
# The oldest report file will be automatically removed.
# 0 - no limit.
#
#lastlog 0
# TAG: remove_temp_files yes
# Remove temporary files: geral, usuarios, top, periodo from root report directory.
#
remove_temp_files yes
# TAG: index yes|no|only
# Generate the main index.html.
# only - generate only the main index.html
#
index yes
# TAG: index_tree date|file
# How to generate the index.
#
index_tree file
# TAG: index_fields
# The columns to show in the index of the reports
# Columns are: dirsize
#
index_fields dirsize
# TAG: overwrite_report yes|no
# yes - if report date already exist then will be overwrited.
# no - if report date already exist then will be renamed to filename.n, filename.n+1
#
overwrite_report yes
# TAG: records_without_userid ignore|ip|everybody
# What can I do with records without user id (no authentication) in access.log file ?
#
# ignore - This record will be ignored.
# ip - Use ip address instead. (default)
# everybody - Use "everybody" instead.
#
#records_without_userid ip
# TAG: use_comma no|yes
# Use comma instead point in reports.
# Eg.: use_comma yes => 23,450,110
# use_comma no => 23.450.110
#
#use_comma no
# TAG: mail_utility
# Mail command to use to send reports via SMTP. Sarg calls it like this:
# mail_utility -s "SARG report, date" "output_email" <"mail_content"
#
# Therefore, it is possible to add more arguments to the command by specifying them
# here.
#
# If you need too, you can use a shell script to process the content of /dev/stdin
# (/dev/stdin is the mail_content passed by sarg to the script) and call whatever
# command you like. It is not limited to mailing the report via SMTP.
#
# Don't forget to quote the command if necessary (i.e. if the path contains
# characters that must be quoted).
#
#mail_utility mailx
# TAG: topsites_num n
# How many sites in topsites report.
#
topsites_num 100
# TAG: topsites_sort_order CONNECT|BYTES|TIME|USER A|D
# Sort for topsites report, where A=Ascendent, D=Descendent
#
#topsites_sort_order CONNECT D
# TAG: index_sort_order A/D
# Sort for index.html, where A=Ascendent, D=Descendent
#
#index_sort_order D
# TAG: exclude_codes file
# Ignore records with these codes. Eg.: NONE/400
# Write one code per line. Lines starting with a # are ignored.
# Only codes matching exactly one of the line is rejected. The
# comparison is not case sensitive.
#
#exclude_codes /usr/local/sarg/exclude_codes
# TAG: replace_index string
# Replace "index.html" in the main index file with this string
# If null "index.html" is used
#
#replace_index <?php echo str_replace(".", "_", $REMOTE_ADDR); echo ".html"; ?>
# TAG: max_elapsed milliseconds
# If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time.
# Use 0 for no checking
#
#max_elapsed 28800000
# 8 Hours
# TAG: report_type type
# What kind of reports to generate.
# topusers - users, sites, times, bytes, connects, links to accessed sites, etc
# topsites - site, connect and bytes report
# sites_users - users and sites report
# users_sites - accessed sites by the user report
# date_time - bytes used per day and hour report
# denied - denied sites with full URL report
# auth_failures - autentication failures report
# site_user_time_date - sites, dates, times and bytes report
# downloads - downloads per user report
#
# Eg.: report_type topsites denied
#
report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
# TAG: usertab filename
# You can change the "userid" or the "ip address" to be a real user name on the reports.
# If resolve_ip is active, the ip address is resolved before being looked up into this
# file. That is, if you want to map the ip address, be sure to set resolv_ip to no or
# the resolved name will be looked into the file instead of the ip address. Note that
# it can be used to resolve any ip address known to the dns and then map the unresolved
# ip addresses to a name found in the usertab file.
# Table syntax:
# userid name or ip address name
# Eg:
# SirIsaac Isaac Newton
# vinci Leonardo da Vinci
# 192.168.10.1 Karol Wojtyla
#
# Each line must be terminated with '\n'
# If usertab have value "ldap" (case ignoring), user names
# will be taken from LDAP server. This method as approaches for reception
# of usernames from Active Didectory
#
#usertab none
# TAG: LDAPHost hostname
# FQDN or IP address of host with LDAP service or AD DC
# default is '127.0.0.1'
#LDAPHost 127.0.0.1
# TAG: LDAPPort port
# LDAP service port number
# default is '389'
#LDAPPort 389
# TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com
# DN of LDAP user, who is authorized to read user's names from LDAP base
# default is empty line
#LDAPBindDN cn=proxy,dc=mydomain,dc=local
# TAG: LDAPBindPW secret
# Password of DN, who is authorized to read user's names from LDAP base
# default is empty line
#LDAPBindPW secret
# TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com
# LDAP search base
# default is empty line
#LDAPBaseSearch ou=users,dc=mydomain,dc=local
# TAG: LDAPFilterSearch (uid=%s)
# User search filter by user's logins in LDAP
# First founded record will be used
# %s - will be changed to userlogins from access.log file
# filter string can have up to 5 '%s' tags
# default value is '(uid=%s)'
#LDAPFilterSearch (uid=%s)
# TAG: LDAPTargetAttr attributename
# Name of the attribute containing a name of the user
# default value is 'cn'
#LDAPTargetAttr cn
# TAG: long_url yes|no
# If yes, the full url is showed in report.
# If no, only the site will be showed
#
# YES option generate very big sort files and reports.
#
#long_url no
# TAG: date_time_by bytes|elap
# Date/Time reports show the downloaded volume or the elapsed time or both.
#
#date_time_by bytes
# TAG: charset name
# ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit)
# graphic character sets for writing in alphabetic languages
# You can use the following charsets:
# Latin1 - West European
# Latin2 - East European
# Latin3 - South European
# Latin4 - North European
# Cyrillic
# Arabic
# Greek
# Hebrew
# Latin5 - Turkish
# Latin6
# Windows-1251
# Japan
# Koi8-r
# UTF-8
#
charset UTF-8
# TAG: user_invalid_char "&/"
# Records that contain invalid characters in userid will be ignored by Sarg.
#
#user_invalid_char "&/"
# TAG: privacy yes|no
# privacy_string "***.***.***.***"
# privacy_string_color blue
# In some countries the sysadm cannot see the visited sites by a restrictive law.
# Using privacy yes the visited url will be changes by privacy_string and the link
# will be removed from reports.
#
#privacy no
#privacy_string "***.***.***.***"
#privacy_string_color blue
# TAG: include_users "user1:user2:...:usern"
# Reports will be generated only for listed users.
#
#include_users none
# TAG: exclude_string "string1:string2:...:stringn"
# Records from access.log file that contain one of listed strings will be ignored.
#
#exclude_string none
# TAG: show_successful_message yes|no
# Shows "Successful report generated on dir" at end of process.
#
#show_successful_message yes
# TAG: show_read_statistics yes|no
# Shows some reading statistics.
#
#show_read_statistics yes
# TAG: topuser_fields
# Which fields must be in Topuser report.
#
#topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
# TAG: user_report_fields
# Which fields must be in User report.
#
#user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
# TAG: bytes_in_sites_users_report yes|no
# Bytes field must be in Site & Users Report ?
#
#bytes_in_sites_users_report no
# TAG: topuser_num n
# How many users in topsites report. 0 = no limit
#
topuser_num 100
# TAG: datafile file
# Save the report results in a file to populate some database
#
#datafile none
# TAG: datafile_delimiter ";"
# ascii character to use as a field separator in datafile
#
#datafile_delimiter ";"
# TAG: datafile_fields all
# Which data fields must be in datafile
# user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
#
#datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed
# TAG: datafile_url ip|name
# Saves the URL as ip or name in datafile
#
#datafile_url ip
# TAG: weekdays
# The weekdays to take into account ( Sunday->0, Saturday->6 )
# Example:
#weekdays 1-3,5
# Default:
#weekdays 0-6
# TAG: hours
# The hours to take into account
# Example:
#hours 7-12,14,16,18-20
# Default:
#hours 0-23
# TAG: dansguardian_conf file
# DansGuardian.conf file path
# Generate reports from DansGuardian logs.
# Use 'none' to disable it.
# dansguardian_conf /usr/dansguardian/dansguardian.conf
#
#dansguardian_conf none
# TAG: dansguardian_filter_out_date on|off
# This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action.
# Note the change of parameter value compared with the old option.
# 'off' use the record even if its date is outside of the range found in the input log file.
# 'on' use the record only if its date is in the range found in the input log file.
#
#dansguardian_filter_out_date on
# TAG: squidguard_conf file
# path to squidGuard.conf file
# Generate reports from SquidGuard logs.
# Use 'none' to disable.
# You can use sarg -L filename to use an alternate squidGuard log.
# squidguard_conf /usr/local/squidGuard/squidGuard.conf
#
#squidguard_conf none
# TAG: redirector_log file
# the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option
# may be repeated up to 64 times to read multiple files.
# If this option is specified, it takes precedence over squidguard_conf.
# The command line option -L override this option.
#
#redirector_log /usr/local/squidGuard/var/logs/urls.log
# TAG: redirector_filter_out_date on|off
# This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not
# appropriate with respect to their action.
# Note the change of parameter value compared with the old options.
# 'off' use the record even if its date is outside of the range found in the input log file.
# 'on' use the record only if its date is in the range found in the input log file.
#
#redirector_filter_out_date on
# TAG: redirector_log_format
# Format string for web proxy redirector logs.
# This option was named squidguard_log_format before sarg 2.3.
# REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end#
# SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end#
#redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp# #url# #ip#/#tmp# #user# #end#
# TAG: show_sarg_info yes|no
# shows sarg information and site path on each report bottom
#
show_sarg_info yes
# TAG: show_sarg_logo yes|no
# shows sarg logo
#
#show_sarg_logo yes
# TAG: parsed_output_log directory
# Saves the processed log in a sarg format after parsing the squid log file.
# This is a way to dump all of the data structures out, after parsing from
# the logs (presumably this data will be much smaller than the log files themselves),
# and pull them back in for later processing and merging with data from previous logs.
#
#parsed_output_log none
# TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress
# Command to run to compress sarg parsed output log. It may contain
# options (such as -f to overwrite existing target file). The name of
# the file to compresse is provided at the end of this
# command line. Don't forget to quote things appropriately.
#
#parsed_output_log_compress /bin/gzip
# TAG: displayed_values bytes|abbreviation
# how the values will be displayed in reports.
# eg. bytes - 209.526
# abbreviation - 210K
#
#displayed_values bytes
# Report limits
# TAG: authfail_report_limit n
# TAG: denied_report_limit n
# TAG: siteusers_report_limit n
# TAG: squidguard_report_limit n
# TAG: user_report_limit n
# TAG: dansguardian_report_limit n
# TAG: download_report_limit n
# report limits (lines).
# '0' no limit
#
#authfail_report_limit 10
#denied_report_limit 10
#siteusers_report_limit 0
#squidguard_report_limit 10
#dansguardian_report_limit 10
#user_report_limit 10
#user_report_limit 50
# TAG: www_document_root dir
# Where is your Web DocumentRoot
# Sarg will create sarg-php directory with some PHP modules:
# - sarg-squidguard-block.php - add urls from user reports to squidGuard DB
#
#www_document_root /var/www/html
# TAG: block_it module_url
# This tag allow you to pass urls from user reports to a cgi or php module,
# to be blocked by some Squid acl
#
# Eg.: block_it /sarg-php/sarg-block-it.php
# sarg-block-it is a php that will append a url to a flat file.
# You must change /var/www/html/sarg-php/sarg-block-it to point to your file
# in $filename variable, and chown to a httpd owner.
#
# sarg will pass http://module_url?url=url
#
#block_it none
# TAG: external_css_file path
# Provide the path to an external css file to link into the HTML reports instead of
# the inline css written by sarg when this option is not set.
#
# In versions prior to 2.3, this used to be an absolute file name to
# a file to include verbatim in each HTML page but, as it takes a lot of
# space, version 2.3 switched to a link to an external css file.
# Therefore, this option must contain the HTTP server path on which a client
# browser may find the css file.
#
# Sarg use theses style classes:
# .logo logo class
# .info sarg information class, align=center
# .title_c title class, align=center
# .header_c header class, align:center
# .header_l header class, align:left
# .header_r header class, align:right
# .text text class, align:right
# .data table text class, align:right
# .data2 table text class, align:left
# .data3 table text class, align:center
# .link link class
#
# Sarg can be instructed to output the internal css it inline
# into the reports with this command:
#
# sarg --css
#
# You can redirect the output to a file of your choice and edit
# it to your liking.
#
#external_css_file none
# TAG: user_authentication yes|no
# Allow user authentication in User Reports using .htaccess
# Parameters:
# AuthUserTemplateFile - The template to use to create the
# .htaccess file. In the template, %u is replaced by the
# user's ID for which the report is generated. The path of the
# template is relative to the directory containing sarg
# configuration file.
#
# user_authentication no
# AuthUserTemplateFile sarg_htaccess
# TAG: download_suffix "suffix,suffix,...,suffix"
# file suffix to be considered as "download" in Download report.
# Use 'none' to disable.
#
#download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
# TAG: ulimit n
# The maximum number of open file descriptors to avoid "Too many open files" error message.
# You need to run sarg as root to use ulimit tag.
# If you run sarg with a low privilege user, set to 'none' to disable ulimit
#
#ulimit 20000
# TAG: ntlm_user_format user|domainname+username
# NTLM users format.
#
#ntlm_user_format domainname+username
# TAG: realtime_refresh_time num sec
# How many time to auto refresh the realtime report
# 0 = disable
#
# realtime_refresh_time 3
# TAG: realtime_access_log_lines num
# How many last lines to get from access.log file
#
# realtime_access_log_lines 1000
# TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST
# Which records must be in realtime report.
#
# realtime_types GET,PUT,CONNECT
# TAG: realtime_unauthenticated_records: ignore|show
# What to do with unauthenticated records in realtime report.
#
# realtime_unauthenticated_records: show
# TAG: byte_cost value no_cost_limit
# Cost per byte.
# Eg. byte_cost 0.01 100000000
# per byte cost = 0.01
# bytes with no cost = 100 Mb
# 0 = disable
#
# byte_cost 0.01 50000000
# TAG: squid24 on|off
# Compatilibity with squid version <= 2.4 when using emulate_http_log on
#
# squid24 off
# TAG: sorttable path
# The path to a javascript script to dynamically sort the tables.
# The path is the link a browser must follow to find the script. For instance,
# it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script
# is at the root of your web site.
#
# If the path starts with "../" then it is assumed to be a relative
# path and sarg adds as many "../" as necessary to locate the js script from
# the output directory. Therefore, ../../sorttable.js links to the javascript
# one level above output_dir.
#
# If this entry is set, each sortable table will have the "sortable" class set.
# You may have a look at http://www.kryogenix.org/code/browser/sorttable/
# for the implementation on which sarg is based.
#
# sorttable /sorttable.js
# TAG: hostalias
# The name of a text file containing the host names one per line and the
# optional alias to use in the report instead of that host name.
# Host names may contain up to one wildcard denoted by a *. The wildcard
# must not end the host name.
# The host name may be followed by an optional alias but if no alias is
# provided, the host name, including the wildcard, replaces any matching
# host name found in the log.
# Host names replaced by identical aliases are grouped together in the
# reports.
# IP addresses are supported and accept the CIDR notation both for IPv4 and
# IPv6 addresses.
# Regular expressions can also be used if sarg was compiled with libpcre.
# A regular expression is formated as re:/regexp/ alias
# The regexp is a perl regular expression (see man perlre).
# Subpatterns are allowed in the alias. Sarg recognizes sed (\1) or perl ($1)
# subpatterns. Only 9 subpatterns are allowed in the replacement string.
#
# Example:
# *.gstatic.com
# mt*.google.com
# *.myphone.microsoft.com
# *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure
# *.freeav.net antivirus:freeav
# *.mail.live.com
# 65.52.00.00/14 *.mail.live.com
# re:/\.dropbox\.com(:443)?/ dropbox
# re:/([\w-]+)\.(\w*[a-zA-Z]\w*)(?::\d+)?$/\1.\2
#hostalias /usr/local/sarg/hostalias
# TAG: keep_temp_log yes|no
# Keep temporary files created by sarg to produce its reports. The normal
# operation mode is to delete those files when they are not necessary any more.
#
# Never leave that option to "yes" for normal operation as temporary files
# left over by previous run can be included in subsequent reports.
#
# Use this option only to diagnose a problem with your reports. A better
# alternative is to run sarg from the command line with optino -k.
#keep_temp_log no