How to install SARG on CentOS 7

To install SARG on CentOS 7

SARG is the Acronym for Squid Analysis Report Generator and Internet Bandwidth Monitoring tool. It is an open source tool that allows you to analyse the squid log files and generates reports in HTML format with information about users, IP addresses, top accessed sites, elapsed time, downloads, access denied websites, daily reports, weekly reports and monthly reports. The SARG is widely used to check how the internet bandwidth is utilized by individual machines on the same network. Before starting the installation procedure, install and configure Squid server act as a transparent proxy . This tutorial explains the installation procedure of SARG on CentOS 7.

Installation procedure

To beging with the installation process, install all the required packages for the Squid to run in and execute the following command. 

[root@linuxhelp squid]# yum install &ndash y gcc gd gd-devel make perl-GD httpd
Loaded plugins: fastestmirror, langpacks
base                                                     | 3.6 kB     00:00     
epel/x86_64/metalink                                     | 5.0 kB     00:00     
extras                                                   | 3.4 kB     00:00     
updates                                                  | 3.4 kB     00:00     
webtatic                                                 | 3.6 kB     00:00     
Loading mirror speeds from cached hostfile
 * base: centos.mirror.net.in
 * epel: mirror01.idc.hinet.net
 * extras: centos.mirror.net.in
 * updates: mirror.ehost.vn
 * webtatic: sp.repo.webtatic.com
Package gd-2.0.35-26.el7.x86_64 already installed and latest version
Resolving Dependencies
-->  Running transaction check
--->  Package gcc.x86_64 0:4.8.5-16.el7 will be installed
-->  Processing Dependency: libgomp = 4.8.5-16.el7 for package: gcc-4.8.5-16.el7.x86_64
-->  Processing Dependency: cpp = 4.8.5-16.el7 for package: gcc-4.8.5-16.el7.x86_64
-->  Processing Dependency: libgcc > = 4.8.5-16.el7 for package: gcc-4.8.5-16.el7.x86_64
-->  Processing Dependency: glibc-devel > = 2.2.90-12 for package: gcc-4.8.5-
16.el7.x86_64
-->  Processing Dependency: libmpc.so.3()(64bit) for package: gcc-4.8.5-16.el7.x86_64
--->  Package gd-devel.x86_64 0:2.0.35-26.el7 will be installed
-->  Processing Dependency: zlib-devel for package: gd-devel-2.0.35-26.el7.x86_64
-->  Processing Dependency: libpng-devel for package: gd-devel-2.0.35-26.el7.x86_64
-->  Processing Dependency: libjpeg-devel for package: gd-devel-2.0.35-26.el7.x86_64
.

.
.
.
Updated:
  httpd.x86_64 0:2.4.6-67.el7.centos.2         make.x86_64 1:3.82-23.el7        

Dependency Updated:
  expat.x86_64 0:2.1.0-10.el7_3      fontconfig.x86_64 0:2.10.95-11.el7        
  freetype.x86_64 0:2.4.11-15.el7    glibc.x86_64 0:2.17-196.el7               
  glibc-common.x86_64 0:2.17-196.el7 httpd-tools.x86_64 0:2.4.6-67.el7.centos.2
  libX11.x86_64 0:1.6.5-1.el7        libX11-common.noarch 0:1.6.5-1.el7        
  libXpm.x86_64 0:3.5.12-1.el7       libgcc.x86_64 0:4.8.5-16.el7              
  libgomp.x86_64 0:4.8.5-16.el7      libpng.x86_64 2:1.5.13-7.el7_2            
  libxcb.x86_64 0:1.12-1.el7         zlib.x86_64 0:1.2.7-17.el7                

Complete!

Start and enable the Apache service. 

[root@linuxhelp squid]# systemctl start httpd
[root@linuxhelp squid]# systemctl enable httpd
ln -s ' /usr/lib/systemd/system/httpd.service'  ' /etc/systemd/system/multi-
user.target.wants/httpd.service'

Open the Apache configuration file using vim editor and enter the ServerName in the file. Save and exit the file. 

[root@linuxhelp squid]# vim /etc/httpd/conf/httpd.conf 
ServerName 192.168.7.165:80

Restart apache service. Set the firewall and the firewall rules in the Squid by running the following set of commands. 

[root@linuxhelp squid]# systemctl restart httpd
[root@linuxhelp squid]# firewall-cmd --add-port=80/tcp --permanent
success
[root@linuxhelp squid]# firewall-cmd --reload
success

Download the latest SARG source file using wget command followed by the download link. 

[root@linuxhelp ~]# wget http://liquidtelecom.dl.sourceforge.net/project/sarg/sarg/sarg-2.3.10/sarg-2.3.10.tar.gz
--2017-09-23 11:39:05--  
http://liquidtelecom.dl.sourceforge.net/project/sarg/sarg/sarg-2.3.10/sarg-
2.3.10.tar.gz
Resolving liquidtelecom.dl.sourceforge.net (liquidtelecom.dl.sourceforge.net)...
197.155.77.8
Connecting to liquidtelecom.dl.sourceforge.net (liquidtelecom.dl.sourceforge.net)|
197.155.77.8|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1270660 (1.2M) [application/x-gzip]
Saving to: ‘ sarg-2.3.10.tar.gz’ 

100%[======================================> ] 1,270,660   --.-K/s   in 0.03s   

2017-09-23 11:39:27 (42.2 MB/s) - ‘ sarg-2.3.10.tar.gz’  saved [1270660/1270660]

Extract the downloaded package by executing the tar command followed by the downloaded file. 

[root@linuxhelp ~]# tar -xvzf sarg-2.3.10.tar.gz 
sarg-2.3.10/ABOUT-NLS
sarg-2.3.10/aclocal.m4
sarg-2.3.10/auth.c
sarg-2.3.10/authfail.c
sarg-2.3.10/BETA-TESTERS
sarg-2.3.10/btree_cache.c
sarg-2.3.10/cfgaux/compile
sarg-2.3.10/cfgaux/config.guess
sarg-2.3.10/cfgaux/config.rpath
.
.
.
.
.
sarg-2.3.10/topsites.c
sarg-2.3.10/topuser.c
sarg-2.3.10/totday.c
sarg-2.3.10/url.c
sarg-2.3.10/usage.c
sarg-2.3.10/useragent.c
sarg-2.3.10/userinfo.c
sarg-2.3.10/user_limit_block
sarg-2.3.10/usertab.c
sarg-2.3.10/util.c
sarg-2.3.10/configure

Move to this directory path . 

[root@linuxhelp ~]# cd sarg-2.3.10/po/

Run the following configure script. 

[root@linuxhelp sarg-2.3.10]# ./configure 
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables... 
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
.
.
.
.
checking for /usr/share/sgml/docbook/xsl-data-stylesheets/manpages/docbook.xsl... no
checking for /usr/share/sgml/docbook/data-stylesheet/xsl/docbook-xsl/html/onechunk.xsl...
no
checking for /usr/share/sgml/docbook/xsl-data-stylesheets/html/onechunk.xsl... no
configure: creating ./config.status
config.status: creating Makefile
config.status: creating po/Makefile.in
config.status: executing po-directories commands
config.status: creating po/POTFILES
config.status: creating po/Makefile
configure: pcre.h was not found so the regexp won' t be available in the hostalias

Run the Make command as follows. 

[root@linuxhelp sarg-2.3.10]# make
gcc -std=gnu99 -c -I.  -DBINDIR=" /usr/local/bin"  -DSYSCONFDIR=" /usr/local/etc"  -
DFONTDIR=" /usr/local/share/sarg/fonts"  -DIMAGEDIR=" /usr/local/share/sarg/images" 
-DSARGPHPDIR=" /var/www/html"  -DLOCALEDIR=" /usr/local/share/locale"  -
DPACKAGE_NAME=" sarg"  -DPACKAGE_TARNAME=" sarg"  -DPACKAGE_VERSION=" 2.3.10"  -
DPACKAGE_STRING=" sarg 2.3.10"  -DPACKAGE_BUGREPORT=" "  -DPACKAGE_URL=" "  -
DHAVE_DIRENT_H=1 -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -
DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -
DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STDIO_H=1 -
DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_STRINGS_H=1 -DHAVE_SYS_TIME_H=1 -
DHAVE_TIME_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DIRENT_H=1 -DHAVE_SYS_TYPES_H=1 -
DHAVE_SYS_SOCKET_H=1 -DHAVE_NETDB_H=1 -DHAVE_ARPA_INET_H=1 -DHAVE_NETINET_IN_H=1 -
DHAVE_SYS_STAT_H=1 -DHAVE_CTYPE_H=1 -DHAVE_ERRNO_H=1 -DHAVE_SYS_RESOURCE_H=1 -
DHAVE_SYS_WAIT_H=1 -DHAVE_STDARG_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_LIMITS_H=1 -
DHAVE_LOCALE_H=1 -DHAVE_EXECINFO_H=1 -DHAVE_MATH_H=1 -DHAVE_LIBINTL_H=1 -
DHAVE_LIBGEN_H=1 -DHAVE_STDBOOL_H=1 -DHAVE_GETOPT_H=1 -DHAVE_FCNTL_H=1 -DHAVE_GD_H=1
-DHAVE_GDFONTL_H=1 -DHAVE_GDFONTT_H=1

.
.
.
.
=1 -DSIZEOF_RLIM_T=8 -DRLIM_STRING=" %lli"  -g -O2 -Wall -Wno-sign-compare -Wextra -
Wno-unused-parameter -Werror=implicit-function-declaration -Werror=format url.c
gcc -std=gnu99  util.o log.o report.o topuser.o email.o sort.o html.o index.o
getconf.o usage.o decomp.o ip2name.o ip2name_dns.o useragent.o exclude.o convlog.o
totday.o repday.o datafile.o indexonly.o splitlog.o lastlog.o topsites.o siteuser.o
css.o smartfilter.o denied.o authfail.o charset.o dichotomic.o redirector.o auth.o
download.o grepday.o ip2name_exec.o dansguardian_log.o dansguardian_report.o
realtime.o btree_cache.o usertab.o userinfo.o longline.o url.o -o sarg -lgd  -lm

Now run the Make install command as follows. 

[root@linuxhelp sarg-2.3.10]# make install
cd po   make install
make[1]: Entering directory `/root/sarg-2.3.10/po' 
test ! -f ./sarg.pot || 
  test -z " bg.gmo ca.gmo cs.gmo da.gmo de.gmo el.gmo es.gmo fr.gmo hu.gmo id.gmo
it.gmo ja.gmo lv.gmo nl.gmo pl.gmo pt.gmo pt_BR.gmo ro.gmo ru.gmo sk.gmo sr.gmo tr.gmo
uk.gmo zh_CN.gmo"  || make bg.gmo ca.gmo cs.gmo da.gmo de.gmo el.gmo es.gmo fr.gmo
hu.gmo id.gmo it.gmo ja.gmo lv.gmo nl.gmo pl.gmo pt.gmo pt_BR.gmo ro.gmo ru.gmo sk.gmo
sr.gmo tr.gmo uk.gmo zh_CN.gmo
make[2]: Entering directory `/root/sarg-2.3.10/po' 
make[2]: `bg.gmo'  is up to date.
make[2]: `ca.gmo'  is up to date.
make[2]: `cs.gmo'  is up to date.
make[2]: `da.gmo'  is up to date.
make[2]: `de.gmo'  is up to date.
make[2]: `el.gmo'  is up to date.

.
.
.
.
cp sarg.1 /usr/local/share/man/man1/sarg.1
chmod 755 /usr/local/share/man/man1/sarg.1
cp /usr/local/etc/sarg.conf
cp ./exclude_codes /usr/local/etc 
cp ./user_limit_block /usr/local/etc 
cp -r ./images/* /usr/local/share/sarg/images 
Creating /usr/local/share/sarg/fonts
cp -r ./css.tpl /usr/local/etc

In Sarg.conf configuration file, uncomment and change the access log. Next change the output directory path to save the generate squid reports in that directory. Then change the date format to e to display the report. Uncomment and set Overwrite report to ‘ Yes’ . Make the following changes in the file and save it. 

[root@linuxhelp sarg-2.3.10]# vim /usr/local/etc/sarg.conf 
# sarg.conf
#
# TAG:  access_log file
#       Where is the access.log file
#       sarg -l file
#
access_log /var/log/squid/access.log


# TAG:  output_dir
#       The reports will be saved in that directory
#       sarg -o dir
#
output_dir /var/www/html/squid-reports


# TAG:  date_format
#       Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w
(Weekly=yy.ww)
#
date_format e


# TAG: overwrite_report yes|no
#      yes - if report date already exist then will be overwrited.
#       no - if report date already exist then will be renamed to filename.n,
filename.n+1
#
overwrite_report yes

To generate the SARG Report, execute the following command. 

[root@linuxhelp sarg-2.3.10]# sarg -x
SARG: Init
SARG: Loading configuration from /usr/local/etc/sarg.conf
SARG: Parameters:
SARG:           Hostname or IP address (-a) = 
SARG:                    Useragent log (-b) = 
SARG:                     Exclude file (-c) = 
SARG:                  Date from-until (-d) = 
SARG:    Email address to send reports (-e) = 
SARG:                      Config file (-f) = /usr/local/etc/sarg.conf
SARG:                      Date format (-g) = Europe (dd/mm/yyyy)
SARG:                        IP report (-i) = No
SARG:             Keep temporary files (-k) = No
SARG:                        Input log (-l) = /var/log/squid/access.log
SARG:               Resolve IP Address (-n) = No
SARG:                       Output dir (-o) = /var/www/html/squid-reports/
SARG: Use Ip Address instead of userid (-p) = No
SARG:                    Accessed site (-s) = 
SARG:                             Time (-t) = 
SARG:                             User (-u) = 
SARG:                    Temporary dir (-w) = /tmp/sarg
SARG:                   Debug messages (-x) = Yes
SARG:                 Process messages (-z) = No
SARG:  Previous reports to keep (--lastlog) = 0
SARG: 
SARG: SARG version: 2.3.10 Apr-12-2015
SARG: Reading access log file: /var/log/squid/access.log
SARG: Records in file: 2567, reading: 100.00%
SARG:    Records read: 2567, written: 2567, excluded: 0
SARG: Squid log format
SARG: Period: 23 Sep 2017
SARG: Sorting log /tmp/sarg/192_168_7_191.user_unsort
SARG: Making file /tmp/sarg/192_168_7_191
SARG: Sorting log /tmp/sarg/192_168_7_103.user_unsort
SARG: Making file /tmp/sarg/192_168_7_103
SARG: Sorting file " /tmp/sarg/192_168_7_191.utmp" 
SARG: Making report 192.168.7.191
SARG: Sorting file " /tmp/sarg/192_168_7_103.utmp" 
SARG: Making report 192.168.7.103
SARG: Making index.html
SARG: Successful report generated on /var/www/html/squid-reports/23Sep2017-23Sep2017
SARG: Purging temporary file sarg-general
SARG: End

The SARG has been successfully installed, to access the SARG Report, switch over to the browser and enter the URL http://ip-address/squid-reports. The Squid report appears on the screen.

You can now select any particular userid to know more about the connections made by the userid.

This window shows the list of accessed sites by the particular user.

This screen shows the list of denied site accessed by the user.

The user' s internet usage can be viewed in Graphical view at any point of day.

The same graphical data can also be viewed in tabular view.

The installation procedure of SARG on CentOS 7 is done without any glitches.

Tag : CentOS SARG
FAQ
Q
which command used to generate the report for SARG in centos?
A
To generate the SARG Report, execute the following command.
# sarg -x
Q
where to down;load the package of SARG in terminal?
A
Download the latest SARG source file using wget command followed by the download link.
# wget http://liquidtelecom.dl.sourceforge.net/project/sarg/sarg/sarg-2.3.10/sarg-2.3.10.tar.gz
Q
what is the use of installing the SARG in centos?
A
The SARG is widely used to check how the internet bandwidth is utilized by individual machines on the same network. Before starting the installation procedure, install and configure Squid server act as a transparent proxy .
Q
Have you generated squid report in SARG?
A
you can generated squid report in SARG by following command

"# sarg -x".
Q
Is there any opensource tool for applying acl in squid?
A
There isn’t any such ACL tool, but you can use ACL rules to in Squid.