Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Shaukat Manji on June 27, 2001, 10:28:56 PM
-
Hi All,
I have a e-smith server and gateway setup and working fine.
Is there a package available that can track and report usage by internal lan users surfing the net. Top ten sites visited by the internal lan users etc.
Thanks,
Shaukat
-
Try Squid Analysis Report Generator (SARG). This will generate a webpage with usage statistice for LAN users and sites visited. You can find info on SARG here, but I don't recall where the e-smith rpm is to set it up right:
http://web.onda.com.br/orso/sarg.html
This only generates reports of what's going through squid, so if you want to see all web trafic on the LAN, you'll need to install transparent proxying. You can find info on that contrib rpm here:
http://www.e-smith.org/contrib/rpm-index/RPM-e-smith-transproxy-0.3-1.src.html
David Brown
FF&J Architects
dbrown@ffj.yi.org
-
Hello !
I use SARG for this. Squid Analysis Report Generator.
Generate html page with a lot of statistics. (user, time, bytes, url, top sites ...)
On my e-smith 4.0 server, all this master key in an ibay.
It is the script cgi-bin which pilots the binary sarg.
Statistics are then available for consultation in this even ibay.
I wrote this perl-cgi script and bash script for automatic install.
Download tar gz archive at http://sgmf.free.fr/analyse_squid_log.html
for install Squid Analysis Report Generator on E-Smith Server 4.0
un-zg and un-tar at root home this archive and read readme.us file.
Sarg is useful with the e-smith 4.1.x, for it it is necessary to modify script bash of installation named
install_sarg
This bash script test of the version of the distribution and path of the ibay supervisor before the install.
You can see the result and more in french at:
http://sgmf.free.fr/analyse_squid_log.html
Good stats
hugues michel
hugos@free-electron.org
-
You should use the squid proxy, which is already installed on e-smith, (a transparent proxy will be better - there is an e-smith rpm in the contrib section) and then analyze squid access log. A good analyzer is sarg (http://web.onda.com.br/orso/sarg.html).
You will find pre-built rpms on rpmfind.net or http://www.mobilia.it/filippo/download/
e-smith add-on rpm for sarg is also here:
ftp://ftp.e-smith.org/pub/e-smith/contrib/FilippoCarletti/RPMS/noarch/
Statistics will be generated every night, go to http://your-server/squid-reports and use the admin account to view the reports.
-
Few more questions.
(a transparent proxy will be better - there is an e-smith
rpm in the contrib section)
What does a transparent proxy do?
Do I just install it?
Do I have to make any changes on my win98 client machines?
Thanks to all for your help.
-
A transparent proxy is a proxy that the user is not aware of, ie you should not configure a proxy in your browser settings.
It works redirecting packets for port 80 of outside machines to local proxy.
Modification to ipchains and squid config is needed. User will use proxy even if they do not want.
More info and the rpm here:
http://www.e-smith.org/contrib/rpm-index/RPM-e-smith-transproxy-0.2-3.src.html
You should not enable proxy in your win clients.
-
I downloaded this contrib but when I do:
rpm -ivh e-smith-sarg-1.0.0-01.noarch.rpm
I get a dependancy error saying that the rpm is needed by "e-smith-sarg-1.0.0-01"!!
So I did a --nodeps install but it gave me an error that it cannot create a file.
When I go to http://myserver/squid-reports I get a "not authorized" message...
I did do a "console-save" after the upgrade.
what now? Appreciate your help
mahmood
-
You should also download sarg-1.1.1-1.i386.rpm, the real app.
Do a search on rpmfind.net or download from http://www.mobilia.it/filippo/download
You should install sarg and then e-smith-sarg which adds e-smith specific features to sarg (remove e-smith-sarg before).
Reports are generated every night, so you should wait the day after or run sarg by hands (look at /etc/crontab)
The squid-reports directory is accessible only to the admin account.
No console-save is needed, the rpm takes care of all (I hope).
Ciao,
Filippo
-
Thanx again Filippo, I'll download install and report back...
regards
Mahmood
-
Just tried Filippo and installed both rpm's okay.
When I try to look at the webpage (it's not there, ls doesn't list it, unless it is dynamic and hidden somewhere!) I get the 403 error although I did enter the admin's login name and password.
I'll try after 0330 and report back tomorrow if successful (or not!)
regards
mahmood
-
Still can't get access to /squid-reports as I am still getting the 403 error..
any suggestions?
-
Reports are written in /var/www/html/squid-reports.
The webpage is accessible only from inside (ie you can't browse reports from the internet).
-
I changed the owner.group to admin.admin on /var/www/html/squid-reports but still it doesn't allow me to access anything.
There are no files in that directory.And when I run /usr/sbin/sarg /etc/sarg/sarg.conf what it reports is SARG: No records found and SARG:End.
I am sure some people connected to my (virtual) websites on e-smith, although I can't tell if anyone attempted to telnet or ssh.
regards
Mahmood
-
Oh, track web access to your site !
I use webalizer, many analog, there should be an howto on e-smith.
SARG is for squid, to track where your users are going on the net, what sites they visit.
-
Thanx again Filippo, I'll look into this tonight... though on the SARG front, I still get a 403 (access not authorized) when I try to access /squid-reports...
regards
Mahmood
-
Hi i have the same error using SARG front, I still get a 403 (access not authorized) when I try to access /squid-reports...
regards
Jccm
-
You should log in with username 'admin' (and right password).
It should be accessible only from internal lan
If problem persists, please have a look at apache logs (/var/log/httpd/error_log)
-
Filippo,
I have setup SARG, but am getting the following errors when I try to access the report through my browser:
"403 access denied" error on my browser (even after loggin in as 'admin' user)
- plus -
I found the following when checking out the error_log file:
[Mon Oct 15 08:45:07 2001] [error] [client 192.168.1.249] Directory index forbid
den by rule: /var/www/html/squid-reports/
- plus -
when I look at my Logcheck email I see the following error:
Subject: Cron /usr/sbin/sarg /etc/sarg/sarg.conf
SARG: No records found
SARG: End
Any ideas what's happening here?
Regards,
Patrick
-
I've installed sarg well but I want to see users name instead of ip adresses in the report ... How can I do that ?
-
I've install SARG with us option, because my e-smith server and gateway release 4.1 I got the error message as follows;
-- Verifications --
Est-ce bien une e-smith 4.0?
e-smith server and gateway release 4.1
>Non : mauvaise version de distribution
How to solve this?
Thanks
-
The fastest way to use sarg is to download and install
http://www.mobilia.it/filippo/download/sarg-1.1.1-1.i386.rpm
and
ftp://ftp.e-smith.com/pub/e-smith/contrib/FilippoCarletti/RPMS/noarch/e-smith-sarg-1.0.0-01.noarch.rpm
Watch out, a new release is coming soon.
-
I've already use SARG but I need to STOP the automatic report generate every night. How do I do this?
Thanks
-
rm /etc/e-smith/templates/etc/crontab/sarg
/sbin/e-smith/expand-template /etc/crontab
How would you create reports then ?
-
Hi Filippo,
What I mean is where can I find the file start up (like autoexec.bat) or other file with configuration to start run the SARG every specific time inside. I saw when the last installation, system ask to give the option yes or no for the automatic report generated at specific time.
Please advise.
Thanks
-
Tried installing sarg both suggested ways
get same problem as
http://e-smith.org/bboard/read.php?f=3&i=7959&t=5196
and with the other method the same error as
http://e-smith.org/bboard/read.php?f=3&i=10790&t=5196
-
SARG HOWTO
rpm -Uvh sarg
rpm -Uvh e-smith-sarg
Wait past midnight.
-
thanks....working now
-
Hi Filippo,
I followed your Sarg Howto and installed sarg-1.2.1-1.i386.rpm and e-smith-sarg-1.2.1-2.noarch.rpm - it installed OK. Tested it afterwards by running /usr/sbin/sarg and it created the report under /var/www/html/squid/2002Jun30-2002Jul01.
But when I try to access it through the SARG panel in the Server Manager, I get the 404 error: "The page cannot be found".
Same problem when I checked the scheduled report generation after midnight: report is created in the corresponding directory, but cannot be accessed via Sarg reports link in Server Manager.
Any clues?
Rok