sarg分析squid日志
Sarg(Squid Analysis Report Generator),是一款Squid 日志分析工具,采用HTML 格式,详细列出每一位用户访问Internet 的站点信息、时间占用信息、排名、连接次数、访问量等。
1、安装GD 库,httpd
[[email protected] ~]# yum -y install gd fontconfig-devel freetype-devel libX11-devel libXpm-devel libjpeg-devel libpng-devel zlib-devel2、安装sarg
[[email protected] ~]# tar xf sarg-2.3.7.tar.gz -C /usr/src/[[email protected] ~]# cd /usr/src/sarg-2.3.7/
[[email protected] sarg-2.3.7]# ./configure --prefix=/usr/local/sarg --sysconfdir=/etc/sarg --enable-extraprotection && make && make install
3、修改sarg 配置文件,添加监控的squid 的日志信息等
[[email protected] sarg-2.3.7]# cd /etc/sarg/
[[email protected] sarg]# ls
css.tpl exclude_codes sarg.conf user_limit_block
[[email protected] sarg]# cp -p sarg.conf sarg.conf.origin
[[email protected] sarg]# vim sarg.conf
7 access_log /var/log/squid/access.log
25 title "Squid User Access Reports"
120 output_dir /var/www/html/squid-reports
178 user_ip no
206 exclude_hosts /usr/local/sarg/noreport
184 topuser_sort_field BYTES reverse //reverse 降序排列,normal 升序排列
190 user_sort_field BYTES reverse
257 overwrite_report no
289 mail_utility mailx
434 charset UTF-8
518 weekdays 0-6
633 www_document_root /var/www/html
[[email protected] sarg]# touch /usr/local/sarg/noreport //该文件中的域名将不再显示在排序中
[[email protected] sarg]# ln -s /usr/local/sarg/bin/sarg /usr/local/bin
4、启动sarg 并观察squid 的访问日志
[[email protected] sarg]# sarg
SARG: 纪录在文件: 85083, reading: 100.00%
SARG: 成功的生成报告在 /var/www/html/squid-reports/2016Apr19-2016Apr19
[[email protected] ~]# ls /var/www/html/
sarg-php squid-reports
5、将sarg 做成任务计划
sarg 命令常用选项:
-l 指定输入日志来源
-o 指定输出目录
-z 处理信息
-d 指定日期
编写sarg 日志分割脚本
#!/bin/bash
# Get curent date
TODAY=$(date +%d/%m/%Y)
# Get one week ago today
YESTERDAY=$(date -d "1 day ago" "+%d/%m/%Y")
/usr/local/sarg/bin/sarg -l /var/log/squid/access.log -o /var/www/html/squid-reports -z -d
$YESTERDAY-$TODAY &>/dev/null
exit 0
[[email protected] ~]# chmod +x /usr/local/sarg/sarg.sh
[[email protected] ~]# crontab -e
0 0 * * * /usr/local/sarg/sarg.sh