I've been using SARG (Squid Analysis Report Generator) for some years on OSX 10.4 and apart from the index sort going wrong now and again, its worked well.
Now I need to run it on 10.5, and thats a problem. The 2.08 version comes packages DMG and the installer runs OK, but always I get the error
- SARG: (index) Cannot open file: index.sort
After unzipping I placed this inside the applications folder, and then modified sarg.conf to have the same input and output files and directories, and the local locations for languages, exclude_codes etc. Doesn't work. SARG still expects the log file to be in
and wants to output into
This is how to get it running:
- download SARG 2.231 http://www.d2m.com.br/community/sarg_port/sarg2.231-mac-os-ppc-build.zip
- unzip etc and put in /Applications
Then from terminal run some commands:
- sudo sudo mkdir /usr/local/sarg2.231
- sudo cp -R /applications/sarg2.231/languages /usr/local/sarg2.231/languages
- sudo cp -R /applications/sarg2.231/exclude_codes /usr/local/sarg2.231/exclude_codes
- sudo cp -R /applications/sarg2.231/images /usr/local/sarg2.231/images
This creates the directories SARG is expecting to find in /usr/local and copies in the various resources.
Now you can copy or move you logs to, say
and then you can run SARG with the
- -l switch to specify the log file
- -o switch to specify the output directory
Then run the command to process your log file
- /applications/sarg2.231/bin/sarg -l /applications/sarg2.231/logs/squid-access.20090715.log -o /applications/sarg2.231/reports
SARG runs and you see the output
SARG: Records in file: 30052, reading: 100.00%
SARG: Successful report generated on /applications/sarg2.231/reports/2008Jul13-2008Jul15
You can then open
to read the output.
Here's the lst of SARG options and switches from man sarg
Show summary of options.
-a [hostname|ip address]
Limits report to records containing the specified hostname/ip address
Enables UserAgent log and writes it to filename.
Uses filename as the exclude files to select records that are not counted.
Uses date as the timelimit during logfile processing. Format for date is dd/mm/yyyy-dd/mm/yyyy
Sends report to email (stdout for console).
Reads configuration from filename.
Sets date format in generated reports.
e = Europe -> dd/mm/yy
u = USA -> mm/dd/yy
Generates reports by user and ip address.
NOTE: This requires the 'report_type' option in config file to contain "users_sites".
Uses filename as the input log.
Enables ip address resolution.
Writes report in dir.
Generates reports using ip address instead of userid.
Limits report to the site specified by string [eg. www.debian.org]
Limits records counted in statistics based on time-of-day. Format for string is HH or HH:MM or HH:MM:SS.
Limits reports to user activities.
Uses dir for temporary files.
Writes messages on processes to STDOUT
Writes debug messages to STDOUT
Convert the logfile's date/time field to human-readable.
Split the log file by date in -d parameter.