Installation of SARG on ClearOS 6.x or ClearOS 7.x Reports for your web proxy i.e. squid...
First you need to understand this...
It is your responsibility to determine the suitability of any information
and/or software you receive from this site.If they happen to break
something, that's solely your own problem and you get to keep any and all
of the pieces :-) Also, as this program generates web pages, it is your
responsibility to validate the security of your web-site against attacks
etc. The rpm version below is current as of the time of writing.
The access security for the install below is more suitable if you use
static address(s) for your workstations that will be used to access the sarg
reports. A better alternative method may be available in the future for
using dynamic addresses...
A pre-requisite for this install is squid (web proxy) running, in use
generating log records and the webserver (httpd/apache) running... If this is
NOT the case - then fix and come back later... Neither is installed by default so
check! "rpm -q httpd" and "rpm -q squid". Another pre-requisite is that
you are comfortable using the cli, familiar with rpms, repositories and
yum and lastly, editing configuration files.
These instructions were tested using ClearOS Community Edition, ClearoS 6.x
and 7.x. There seems no reason why they should not also apply to the Home
and Professional editions - but they are not available to the author. Any
feedback, good or bad, from use of these editions here is welcome.
1) Install SARG
Currently could find no rpm for ClearOS7, CentOS7 or rhel7 so have build one
using the latest source code from https://sourceforge.net/projects/sarg/
To add get the rpm file we require wget, and for SARG a pre-requisite is gd.
If not already installed install them...
to check if wget installed...
# rpm -q wget
to check if gd installed...
# rpm -q gd
ClearOS 7.x to install wget and gd...
# yum install wget gd --enablerepo=clearos-centos,clearos-epel,clearos-centos-updates
ClearOS 6.x to install wget and gd...
# yum install wget gd --enablerepo=clearos*
Now download the rpm...
ClearOS Version 7.x
# wget http://www.sraellis.tk/sarg7/sarg-2.3.10-3.v7.x86_64.rpm
ClearOS Version 6.x
# wget http://www.sraellis.tk/kmod-clearos/sarg-2.3.10-3.v6.x86_64.rpm
# then install it...
ClearOS Version 7.x
# yum localinstall sarg-2.3.10-3.v7.x86_64.rpm
Clear)S Version 6.x
# yum localinstall sarg-2.3.10-3.v6.x86_64.rpm
If you are using CleaOS 6.x 32 bit then substitute "sarg-2.3.10-3.v6.i686.rpm"
2) Configure SARG
Edit "/etc/sarg/sarg.conf" and make changes as necessary, e.g.
search for "#date_format u" and change if necessary to your local
format e.g. "date_format e" for European (remove the comment or #).
That should do for now as the defaults are reasonable, but by all means
check them all for suitability :-) (especially if you have changed some
of the squid or https/apache defaults).
3) Fix problem sub-directory locations...
# mkdir /usr/share/sarg/
# ln -s /etc/sarg/fonts/ /usr/share/sarg/
# ln -s /etc/sarg/languages/ /usr/share/sarg/
# ln -s /etc/sarg/images/ /usr/share/sarg/
4) Now we check that we can generate a report
# sarg -x
We now need to allow access to the sarg pages from your workstation.
edit "/etc/httpd/conf.d/sarg.conf" and add the ip address(s) you will
use (quad decimal format is OK if you prefer that). Add extra lines
for more workstations if required. An example :-
for 6.x
for 7.x
Restart the webserver using the following command...
ClearOS 7.x
# systemctl restart httpd.service
ClearOS 6.x
# service httpd restart
Run the following to check the cron scripts, there should be no output on
the command line...
# /etc/cron.daily/sarg
# /etc/cron.weekly/sarg
# /etc/cron.monthly/sarg
5) If you are running Content filter and Proxy - and machine(s) not using Proxy
intended for sarg access, do this - otherwise skip to 6)
For this setup to work you will need the machine(s) configured for Proxy Bypass,
otherwise you will end up with 404s and/or permission problems.
Go to Webconfig -> Gateway -> Content Filter and Proxy -> Web Proxy Server
Scroll down that page until you come to the "Rules" Panel
Edit "Bypass" then click "Add"
Make up a Nickname and add address of workstation that will NOT be
using the proxy. Click "Add" and repeat for each until finished... then
"Return to Summary".
6) Testing SARG - bliss :-) or despair :-( ?
Now go to http://your_webserver_ip/sarg and you should see the sarg home
page...
Click on "ONE-SHOT" and some data should appear, assuming squid has data
available, the rest will get populated as when the data from squid is
created and the various cron jobs run to create the reports (daily, weekly
and monthly). Note these cron jobs to update the reports run during the early
hours of the morning, so if you shut of the server over-night you will need
to make changes to ensure your reports are generated.
Access is limited to the name(s) or address(s) you enabled above. However,
if you use dynamic dhcp addresses, a different security method would be more
appropriate... This may be the subject of another "How-To" as and when time
permits...
Edit: Done... see https://www.clearos.com/clearfoundation/social/community/install-sarg-on-clearos-version-6-x-or-version-7-x-for-great-proxy-reports#reply-162001
Good Luck!
Home Page for sarg - http://sarg.sourceforge.net/
see https://www.clearos.com/clearfoundation/social/community/install-sarg-on-clearos-version-6-x-or-version-7-x-for-great-proxy-reports#reply-121561
for Andy Godber's tip for SARG Realtime, and a few posts above for more details regarding the logs
First you need to understand this...
It is your responsibility to determine the suitability of any information
and/or software you receive from this site.If they happen to break
something, that's solely your own problem and you get to keep any and all
of the pieces :-) Also, as this program generates web pages, it is your
responsibility to validate the security of your web-site against attacks
etc. The rpm version below is current as of the time of writing.
The access security for the install below is more suitable if you use
static address(s) for your workstations that will be used to access the sarg
reports. A better alternative method may be available in the future for
using dynamic addresses...
A pre-requisite for this install is squid (web proxy) running, in use
generating log records and the webserver (httpd/apache) running... If this is
NOT the case - then fix and come back later... Neither is installed by default so
check! "rpm -q httpd" and "rpm -q squid". Another pre-requisite is that
you are comfortable using the cli, familiar with rpms, repositories and
yum and lastly, editing configuration files.
These instructions were tested using ClearOS Community Edition, ClearoS 6.x
and 7.x. There seems no reason why they should not also apply to the Home
and Professional editions - but they are not available to the author. Any
feedback, good or bad, from use of these editions here is welcome.
1) Install SARG
Currently could find no rpm for ClearOS7, CentOS7 or rhel7 so have build one
using the latest source code from https://sourceforge.net/projects/sarg/
To add get the rpm file we require wget, and for SARG a pre-requisite is gd.
If not already installed install them...
to check if wget installed...
# rpm -q wget
to check if gd installed...
# rpm -q gd
ClearOS 7.x to install wget and gd...
# yum install wget gd --enablerepo=clearos-centos,clearos-epel,clearos-centos-updates
ClearOS 6.x to install wget and gd...
# yum install wget gd --enablerepo=clearos*
Now download the rpm...
ClearOS Version 7.x
# wget http://www.sraellis.tk/sarg7/sarg-2.3.10-3.v7.x86_64.rpm
ClearOS Version 6.x
# wget http://www.sraellis.tk/kmod-clearos/sarg-2.3.10-3.v6.x86_64.rpm
# then install it...
ClearOS Version 7.x
# yum localinstall sarg-2.3.10-3.v7.x86_64.rpm
Clear)S Version 6.x
# yum localinstall sarg-2.3.10-3.v6.x86_64.rpm
If you are using CleaOS 6.x 32 bit then substitute "sarg-2.3.10-3.v6.i686.rpm"
2) Configure SARG
Edit "/etc/sarg/sarg.conf" and make changes as necessary, e.g.
search for "#date_format u" and change if necessary to your local
format e.g. "date_format e" for European (remove the comment or #).
That should do for now as the defaults are reasonable, but by all means
check them all for suitability :-) (especially if you have changed some
of the squid or https/apache defaults).
3) Fix problem sub-directory locations...
# mkdir /usr/share/sarg/
# ln -s /etc/sarg/fonts/ /usr/share/sarg/
# ln -s /etc/sarg/languages/ /usr/share/sarg/
# ln -s /etc/sarg/images/ /usr/share/sarg/
4) Now we check that we can generate a report
# sarg -x
We now need to allow access to the sarg pages from your workstation.
edit "/etc/httpd/conf.d/sarg.conf" and add the ip address(s) you will
use (quad decimal format is OK if you prefer that). Add extra lines
for more workstations if required. An example :-
for 6.x
Alias /sarg /var/www/sarg
<Directory /var/www/sarg>
DirectoryIndex index.html
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
# Allow from your-workstation.com
Allow from 192.168.2.28
Allow from 192.168.1.17
Allow from 192.168.3.27
</Directory>
for 7.x
Alias /sarg /var/www/sarg
<Directory /var/www/sarg>
DirectoryIndex index.html
# Order deny,allow
# Deny from all
Require all granted
Allow from 127.0.0.1
Allow from ::1
# Allow from your-workstation.com
Allow from 192.168.2.28
Allow from 192.168.1.17
Allow from 192.168.3.27
</Directory>
Restart the webserver using the following command...
ClearOS 7.x
# systemctl restart httpd.service
ClearOS 6.x
# service httpd restart
Run the following to check the cron scripts, there should be no output on
the command line...
# /etc/cron.daily/sarg
# /etc/cron.weekly/sarg
# /etc/cron.monthly/sarg
5) If you are running Content filter and Proxy - and machine(s) not using Proxy
intended for sarg access, do this - otherwise skip to 6)
For this setup to work you will need the machine(s) configured for Proxy Bypass,
otherwise you will end up with 404s and/or permission problems.
Go to Webconfig -> Gateway -> Content Filter and Proxy -> Web Proxy Server
Scroll down that page until you come to the "Rules" Panel
Edit "Bypass" then click "Add"
Make up a Nickname and add address of workstation that will NOT be
using the proxy. Click "Add" and repeat for each until finished... then
"Return to Summary".
6) Testing SARG - bliss :-) or despair :-( ?
Now go to http://your_webserver_ip/sarg and you should see the sarg home
page...
Click on "ONE-SHOT" and some data should appear, assuming squid has data
available, the rest will get populated as when the data from squid is
created and the various cron jobs run to create the reports (daily, weekly
and monthly). Note these cron jobs to update the reports run during the early
hours of the morning, so if you shut of the server over-night you will need
to make changes to ensure your reports are generated.
Access is limited to the name(s) or address(s) you enabled above. However,
if you use dynamic dhcp addresses, a different security method would be more
appropriate... This may be the subject of another "How-To" as and when time
permits...
Edit: Done... see https://www.clearos.com/clearfoundation/social/community/install-sarg-on-clearos-version-6-x-or-version-7-x-for-great-proxy-reports#reply-162001
Good Luck!
Home Page for sarg - http://sarg.sourceforge.net/
see https://www.clearos.com/clearfoundation/social/community/install-sarg-on-clearos-version-6-x-or-version-7-x-for-great-proxy-reports#reply-121561
for Andy Godber's tip for SARG Realtime, and a few posts above for more details regarding the logs
Share this post:
Responses (46)
-
Accepted Answer
Tony - excellent as ever - your rpm saved me the hassle of building from source.
To put the icing on the cake, might I suggest including sarg realtime?
Creation of a php script (I call mine squid.php):
code:
<?php
system("/usr/bin/sarg -f /etc/sarg/sarg.conf -r /var/log/squid/access.log");
?>
Then access http://your_webserver_ip/sarg/squid.php
You may need to change the access permissions on /var/log/squid and all its contents (if you see the sarg realtime header, but no data). -
Accepted Answer
-
Accepted Answer
The following will maintain the necessary permissions when the squid logs are rotated so that "sarg realtime" continues to function...
[root@sandra ~]# cat /etc/logrotate.d/squid
/var/log/squid/*.log {
daily
rotate 95
compress
notifempty
missingok
create squid apache
sharedscripts
postrotate
# Asks squid to reopen its logs. (logfile_rotate 0 is set in squid.conf)
# errors redirected to make it silent if squid is not running
/usr/sbin/squid -k rotate 2>/dev/null
# Wait a little to allow Squid to catch up before the logs is compressed
sleep 1
endscript
}
[root@sandra ~]#
Note the change from "nocreate" to "create squid apache".
Also note the rotation daily, and retaining just over 3 months of logs. You might not want this :-) -
Accepted Answer
-
Accepted Answer
Do you get SARG to resolve IPs to hostnames
Not sure which IPs you are taking about here...
By default my "userids" and "accessed site" columns on the various pages are listed by hostname - not 4 quad ip numbers.
Examples...
NUM USERID CONNECT BYTES %BYTES IN-CACHE-OUT ELAPSED TIME MILLISEC %TIME
1 G T carolyn-1.sraellis.com 1.45K 536.02M 98.15% 0.20% 99.80% 01:25:17 5.117.928 87.59%
2 G T danda-5.sraellis.com 1.31K 10.08M 1.85% 7.00% 93.00% 00:12:04 724.803 12.41%
TOTAL 2.76K 546.10M 0.32% 99.68% 01:37:22 5.842.731
AVERAGE 1.38K 273.05M 00:48:41 2.921.365
Generated by sarg-2.3.10 Apr-12-2015 on 05/May/2016-04:01
Squid User Access Report
Period: 28 Apr 2016—04 May 2016
User: danda-5.sraellis.com
Sort: bytes, reverse
User report
ACCESSED SITE CONNECT BYTES %BYTES IN-CACHE-OUT ELAPSED TIME MILLISEC %TIME
T www.overclockers.com.au 80 3.33M 33.07% 0.14% 99.86% 00:00:11 11.673 1.61%
T signature.statseb.fr 33 2.72M 26.98% 0.00% 100.00% 00:00:59 59.216 8.17%
T stats.free-dc.org 7 675.10K 6.70% 0.00% 100.00% 00:00:10 10.112 1.40%
T www.westpac.com.au 53 431.30K 4.28% 91.65% 8.35% 00:00:06 6.250 0.86%
T home.ancestry.com.au 11 348.45K 3.46% 0.00% 100.00% 00:00:25 25.665 3.54%
T cdn.sstatic.net 7 283.26K 2.81% 0.00% 100.00% 00:00:00 917 0.13%
T abr.business.gov.au 10 176.89K 1.75% 45.51% 54.49% 00:00:10 10.574 1.46%
T www.linksysinfo.org 14 153.29K 1.52% 0.00% 100.00% 00:00:07 7.311 1.01%
... snipped
Note that my ClearOS 7.2 system is a test box and doesn't see much traffic. Main servers still on 6.x -
Accepted Answer
Hi Tony
Under userid I am getting IPs
e.g
NUM USERID CONNECT BYTES %BYTES IN-CACHE-OUT ELAPSED TIME MILLISEC %TIME
1 G T 192.168.1.113 7.82K 5.30G 55.69% 3.01% 96.99% 24:44:24 89.064.539 38.82%
2 G T 192.168.1.20 19.55K 2.77G 29.13% 0.19% 99.81% 21:39:47 77.987.969 33.99%
Do you use the usertab option in sarg.conf or resolve some other way? -
Accepted Answer
The only change can remember doing was to change the date format as per the instructions...
Have copied my /etc/sarg.conf file to the web-site as /sarg7/sarg.sandra.conf if you want to compare.
http://danda.poweredbyclear.com/sarg7/sarg.sandra.conf
Does 192.168.1.113 etc resolve on the machine running sarg?
Only other difference would be a full-blown name server here using bind and complete zone files for each sub-net together with full reverse lookup. -
Accepted Answer
-
Accepted Answer
Sorry - cannot help you there as I don't use dnsmasq - too limited in features.
I run multiple servers and don't want to be without DNS and DHCP for my systems if I were to only run the daemons on one machine and have to take it down.
Using bind I can have multiple slave DNS automatically synced. ISC's DHCP daemon can be run on two machine with automatic failover between them. The leases are synced between the two machines and if the master fails, the secondary takes over. Upon restoration if either machine has been down, the two are re-synced. -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Hi Duncan
No - not experienced that problem myself, though doing a search I see a few have...
A few questions...
1. What changes, if any, have you made to /etc/sarg/sarg.conf
2. Do you use SquidGuard?
3. Are you using dansguardian logs
4. Do the daily and weekly reports run OK?
5, Can you post the output of :-
# ls -lad /var/log/squid/access.log*
# du -csh /var/log/squid/access.log* | tail -n 1
# cat /etc/cron.monthly/sarg
# uname -r
# rpm -q glibc -
Accepted Answer
Hi Tony
Have you had any issues with buffer overflows with SARG.
If I run the command below I get a buffer overflow
[root@cos ~]# /etc/cron.monthly/sarg
*** buffer overflow detected ***: /usr/bin/sarg terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x7f66ab0b4567]
/lib64/libc.so.6(+0x100450)[0x7f66ab0b2450]
/lib64/libc.so.6(+0xff8a9)[0x7f66ab0b18a9]
/lib64/libc.so.6(_IO_default_xsputn+0xc9)[0x7f66ab026639]
/lib64/libc.so.6(_IO_vfprintf+0x11d8)[0x7f66aaff71a8]
/lib64/libc.so.6(__vsprintf_chk+0x9d)[0x7f66ab0b194d]
/lib64/libc.so.6(__sprintf_chk+0x7f)[0x7f66ab0b188f]
/usr/bin/sarg[0x4039a8]
/usr/bin/sarg[0x40f42a]
/usr/bin/sarg[0x40d5d7]
/usr/bin/sarg[0x40c183]
/lib64/libc.so.6(__libc_start_main+0xfd)[0x7f66aafd0d5d]
/usr/bin/sarg[0x4029a9]
======= Memory map: ========
00400000-00436000 r-xp 00000000 fd:00 137892334 /usr/bin/sarg
00635000-00637000 rw-p 00035000 fd:00 137892334 /usr/bin/sarg
Googling has not given me a clear resolution.
Thanks
Duncan -
Accepted Answer
Hi Tony
Answers inline
1. What changes, if any, have you made to /etc/sarg/sarg.conf
No changes
2. Do you use SquidGuard?
No
3. Are you using dansguardian logs
No Squid logs
4. Do the daily and weekly reports run OK?
Yes
5, Can you post the output of :-
# ls -lad /var/log/squid/access.log*
[root@cos monthly]# ls -lad /var/log/squid/access.log*
-rw-r----- 1 squid apache 7890561 May 31 07:39 /var/log/squid/access.log
-rw-r----- 1 squid squid 52201357 Apr 24 03:35 /var/log/squid/access.log-20160 424.gz
-rw-r----- 1 squid squid 41751262 May 1 03:44 /var/log/squid/access.log-20160 501.gz
-rw-r----- 1 squid squid 37049203 May 8 03:31 /var/log/squid/access.log-20160 508.gz
-rw-r----- 1 squid squid 51792643 May 15 03:36 /var/log/squid/access.log-20160 515.gz
-rw-r----- 1 squid squid 115530605 May 22 03:35 /var/log/squid/access.log-20160 522.gz
-rw-r----- 1 squid squid 34122726 May 24 03:47 /var/log/squid/access.log-20160 524.gz
-rw-r----- 1 squid apache 18924248 May 25 03:31 /var/log/squid/access.log-20160 525.gz
-rw-r----- 1 squid apache 17943088 May 26 03:22 /var/log/squid/access.log-20160 526.gz
-rw-r----- 1 squid apache 20557681 May 27 03:41 /var/log/squid/access.log-20160 527.gz
-rw-r----- 1 squid apache 12187022 May 28 03:47 /var/log/squid/access.log-20160 528.gz
-rw-r----- 1 squid apache 7593792 May 29 03:43 /var/log/squid/access.log-20160 529.gz
-rw-r----- 1 squid apache 12334699 May 30 03:08 /var/log/squid/access.log-20160 530.gz
-rw-r----- 1 squid apache 17941559 May 31 03:29 /var/log/squid/access.log-20160 531.gz
# du -csh /var/log/squid/access.log* | tail -n 1
du -csh /var/log/squid/access.log* | tail -n 1
428M total
# cat /etc/cron.monthly/sarg
[root@cos monthly]# cat /etc/cron.monthly/sarg
#!/bin/bash
LOG_FILES=
for FILE in /var/log/squid/access.log*; do
LOG_FILES="$LOG_FILES -l $FILE"
done
# Get yesterday's date
YESTERDAY=$(date --date "1 day ago" +%d/%m/%Y)
# Get 1 month ago date
MONTHAGO=$(date --date "1 month ago" +%d/%m/%Y)
exec /usr/bin/sarg \
$LOG_FILES \
-o /var/www/sarg/monthly \
-d $MONTHAGO-$YESTERDAY &>/dev/null
exit 0
# uname -r
2.6.32-573.1.1.v6.x86_64
# rpm -q glibc
glibcglibc-2.12-1.166.el6_7.7.x86_64
Thanks
Duncan -
Accepted Answer
Duncan, Now I am confused... what did you install?
The rpm sarg-2.3.10-2.v7.x86_64.rpm was built on a ClearOS Version 7.x machine for ClearOS 7.x - as the thread Subject indicates...
The kernel and glibc information you provided indicates you are running ClearOS 6.x ????
There is a separate thread in these forums for sarg on ClearOS 6.x
https://www.clearos.com/clearfoundation/social/community/sarg-reporting-on-clearos-6-5
If you like, I could create a ClearOS 6.x rpm, but no idea if that would solve your problem...
I see your changed to daily log files for squid about May 24... -
Accepted Answer
Hi Tony
I followed the instructions here http://danda.poweredbyclear.com/master-frame-sargv6.html
And installed SARG via yum - so I didn't install a specific RPM
yum --enablerepo=rpmforge-testing install sarg
Yes I am running COS 6.7 -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
OK - new rpm created and the instructions at the beginning of this append updated (as well as the subject) for both Versions 6 and 7 of ClearOS.
Duncan - in your case as you already have sarg installed it should do an upgrade... However, there were some new options added to the config file /etc/sarg/sarg.conf, so I recommend you (and any body-else with a prior version) rename yours and edit the new one with any changes you want to make. Let me know how you go. I followed the instructions and it worked for me - so hopefully you meet with the same success. As to the buffer overflow - we will see... -
Accepted Answer
-
Accepted Answer
Fantastic - thanks for the feedback... There are quite of number of changes and bug fixes from 2.3.1 -> 2.3.10, especially two removing a 2G size limitation.
I have updated the instructions on my site to reflect the newer rpm...
http://www.sraellis.tk/master.php?topic=sarg_installv6
The source files, for anybody interested, are available at :-
http://www.sraellis.tk/kmod-clearos7/sarg-2.3.10-3.v7.src.rpm
http://www.sraellis.tk/kmod-clearos/sarg-2.3.10-3.v6.src.rpm -
Accepted Answer
OK, after spending some time learning a little about using the visual editor I go to restart the webserver this happens:
[root@gateway ~]# systemctl restart httpd.service
Failed to restart httpd.service: Unit httpd.service failed to load: No such file or directory.
Any idea what I am missing? -
Accepted Answer
Any idea what I am missing?
A bit more detail about your problem than what you have provided would be very good starting point. Such as :-
"visual editor" doesn't convey enough detail - please provide the exact program name. Can only think that perhaps you mean some full screen editor such as nano, joe or vi? Were you using a native linux editor, or some windows editor via a connection to ClearOS. If a windows program what was it - as linux text files use a different standard to text files in windows - and using a windows editor can corrupt linux text files unless you use the correct option. If that corrupt file happens to be a configuration file for a linux program - then that program will not start or run correctly. Also please explain what the connection to sarg is, and what you were trying to accomplish with this "visual editor". Edit some sarg configuration file or ??? I don't understand the connection with sarg from your post...
Since you used "systemctl" this assumes you are using ClearOS 7.x (It's a good idea to mention the OS version). Lets check some basics...
What did you change, add, delete or attempt to do? Must have been something...
Is httpd installed "rpm -q httpd"
Does it verify "rpm -V httpd" see https://docs.fedoraproject.org/en-US/Fedora_Draft_Documentation/0.1/html/RPM_Guide/ch04s04.html or similar for an explanation of the resulting columns
You should have a symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service if httpd is enabled.
Do both of these files exist? "ls -lad /etc/systemd/system/multi-user.target.wants/httpd.service" "ls -lad /usr/lib/systemd/system/httpd.service"
Finally, please list the diagnostic steps you took yourself to determine the cause of the problem before asking here on the forum. There is nothing worse that some-one posting a problem on the forum, then another person taking the time to answer with some suggestions - then for the original poster to come back with "I had already tried that" Arghhh.... Let us know from the get-go... -
Accepted Answer
Michael W. Petrarca wrote:
Install the webserver? "rpm -qa | grep httpd" to see if it is installed.
OK, after spending some time learning a little about using the visual editor I go to restart the webserver this happens:
[root@gateway ~]# systemctl restart httpd.service
Failed to restart httpd.service: Unit httpd.service failed to load: No such file or directory.
Any idea what I am missing? -
Accepted Answer
Thanks to getting back with me. I was told that SARG could give me more info then the standard proxy reports on ClearOS, I am trying to figure out what is being blocked by the proxy that is listed as my gateway's ip. Yes I have ClearOS 7. All seemed to be going fine, I was copying/pasting every command in your instructions using Putty to apply the changes to my ClearOS machine, until I tried to restart the webserver. Yes I edited "/etc/httpd/conf.d/sarg.conf" using vi, have never used vi so it was a learning process.
Well my assumption that hpptd was a core module in ClearOS is clearly wrong. I am guessing hpptd is also known as Apache which I seem to remember seeing in older versions. I am sorry for my ignorance, I do great with the webconfig but when I have to use the command line I am totally lost.
I have yum installed httpd and will try to see where it gets me.
Thanks again and sorry for the confusion. -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Thanks for the clarification, a much better append. Remember ASSUME - makes an "ASS of yoU & ME" :-)
I have now edited the instructions here and on my site...
A pre-requisite for this install is squid (web proxy) running, in use
generating log records and the webserver (httpd/apache) running... If this is
NOT the case - then fix and come back later... Neither is installed by default so
check! "rpm -q httpd" and "rpm -q squid". Another pre-requisite is that
you are comfortable using the cli, familiar with rpms, repositories and
yum and lastly, editing configuration files.
Any other clarifications welcome... -
Accepted Answer
The initial instructions had these words :-
The access security for the install below is more suitable if you use
static address(s) for your workstations that will be used to access the sarg
reports. A better alternative method may be available in the future for
using dynamic addresses...
That 'future' is now :-)
add the following 4 lines to /etc/httpd/conf.d/sarg.conf just before the </Directory> line
Require valid-user
AuthUserFile /etc/sarg/.htpasswd.users
AuthType Basic
AuthName "sarg"
An example from one of my systems
Alias /sarg /var/www/sarg
<Directory /var/www/sarg>
DirectoryIndex index.html
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
Allow from 192.168.2.28
Allow from 192.168.2.128
Allow from 192.168.2.228
Allow from 192.168.1.17
Allow from 192.168.3.17
Require valid-user
AuthUserFile /etc/sarg/.htpasswd.users
AuthType Basic
AuthName "sarg"
</Directory>
Run the following command, create a strong password
htpasswd -cm /etc/sarg/.htpasswd.users sarg
Restart the webserver
ClearOS 6.x # service httpd restart
ClearOS7.x # systemctl restart httpd.service
Now use your web-browser to look at some sarg stats...
You should get a box to login..
User Name is sarg
Password is xxxxx (whatever you just generated
Enjoy... -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Hi Tony
At first I thought I could use the flexshare security, based on users, and we can also make flexshares available to lan only. So the idea is that by using flexshare I could use some of the already built in functions to protect and control the app and data, plus avoid having SARG available to the web in case we use web server to host anything. And I'm curious to know if it works...
For instance, I have installed PIWIK and other similar tools on flexshares to monitor web apps before; some apps were hosted on flexshares and on the web host as well.
Makes sense? -
Accepted Answer
-
Accepted Answer
Thanks for the complete guide! I am not a total linux noob, but new to ClearOS. I have followed your guide on the latest ClearOS. We're using Web Proxy and Content Filter with the AD Connector to our Windows Domain. I installed Web Server via gui previous to starting your instructions, and then installed gd also via CLI.
Everything is fine and dandy, all through the cron test and sarg -x, however I cannot for the life of me get to the website from any browser. I am getting slightly different behavior depending on if my client has the proxy set or not. On my work desktop, where i am not using the proxy, i get 404 not founds for http://ip/sarg and for https://ip/sarg i get "IP sent an invalid response." On a test laptop that is using the proxy, I simply receive "Forbidden, you do not have access to /sarg on this server."
I have added both IPs (static) to the sarg.conf and restarted httpd, as well as the server, with no change.
I'm kind of lost at this point, not really sure how to proceed. Any suggestions?
ClearOS 7, non-transparent Gateway mode.
Thanks! -
Accepted Answer
Are you accessing via LAN or WAN?
Can you post your '/etc/httpd/conf.d/sarg.conf' file...
These instructions for 7.x were written when 7.x was in Beta - just powered up that test machine, now upgraded to 7.3, and sarg pages are still accessible.
If you are using proxy - did you put the proxy address in the sarg.conf file. All browsers here are configured to not use the proxy for any local servers - only Internet sites.
Don't use the Content Filter, or AD Connector for that matter. Are you sure the Content Filter isn't blocking (no idea how to check - never investigated it...)
What is recorded in "/var/log/httpd/error_log"
Wouldn't expect https to work without other changes. Have it working here on 6.8 - still todo for 7.3 - but that is for another rainy day ;-)
Update:
Can you try adding "Require all granted" to the sarg.conf file and comment out "Order deny,allow" and "Allow from all" - this was necessary for SOGo - but wasn't necessary here for sarg...
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »