preface
Today, I'd like to introduce a commonly used Squid log analysis software to you. I hope it can be used by helpful students in their daily work in the future.
Sarg: full name: Squid Analysis Report Generator, is a Squid log analysis tool, which lists the Internet website information, time occupation information, ranking, connection times, traffic and other relevant information accessed by users in HTML format;
Squid log analysis software: www.squid-cache.org/Misc/log-an...
1, Sarg deployment process
Install GD Library
# yum -y install gd gd-devel
Installing sarg
# mkdir /usr/local/sarg # cd /usr/local/sarg/ # tar zxf sarg-2.3.7.tar.gz # cd sarg-2.3.7 # ./configure --prefix=/usr/local/sarg/ -sysconfdir=/etc/sarg --enable-extraprotection && make && make install
Meaning of configuration item:
- -Sysconfidir = / etc / Sarg: configuration file directory
- – enable extraprotection: add additional security protection
to configure
# vi /etc/sarg/sarg.conf 7 access_log /usr/local/squid/var/logs/access.log // Specifies the access log file for squid 25 title "Squid User Access Reports" // Page title 120 output_dir /var/www/html/sarg // Output directory of sarg Report 178 user_ip no // Display with user name 184 topuser_sort_field connect reverse // In the top sort, specify the number of connections and the number of bytes accessed in descending order 190 user_sort_field connect reverse // For user access records, the number of connections is in descending order 206 exclude_hosts /usr/local/sarg/noreport // Specifies the site list file that is not included in the sort 257 overwrite_report no // When the date report already exists, do you want to overwrite the report 289 mail_utility mailq.postfix // Command to send mail Report 434 charset UTF-8 // Use character set 518 weekdays 0-6 // Specify the week period for top sorting. 0 is Sunday 525 hours 9-12,14-16,18-20 // Specifies the time period for top sorting 633 www_document_root /var/www/html // Web page root directory
function
In the above configuration, sites not included in the sorting are added, which need to be stored in the / usr / local / sarg / norreport file, and the added domain names will not be displayed in the sorting. Directly execute sarg to start a record. It is recommended to set symbolic link, and then execute sarg, and output information will be displayed.
If you feel that your learning efficiency is low and you lack correct guidance, you can join the technology circle with rich resources and strong learning atmosphere to learn and communicate together!
[Java architecture group]
There are many technological giants from the front line in the group, as well as code farmers struggling in small factories or outsourcing companies. We are committed to building an equal and high-quality JAVA Communication circle, which may not make everyone's technology advance by leaps and bounds in the short term, but in the long run, vision, pattern and long-term development direction are the most important.
# touch /usr/local/sarg/noreport # ln -s /usr/local/sarg/bin/sarg /usr/local/bin/ # sarg SARG: Record on file: 0, reading: 100.00% SARG: No record found SARG: end
2, Sarg related command help
- -a: Specifies the host name or address that is not included in the sort
- -b: User agent log file output
- -c: Specify the list of sites that are not included in the sorting. The file name is / usr / local / Sarg / norrecords. These sites accessed by the client will not be sorted by top;
- -d: Specify date range
- -e: Specify report recipient mail
- -f: Specify profile
- -g: Specify the date format to enter
- -h: Help information
- -i: Specify the user name or IP address to be used for client sorting
- -l: Specifies the absolute path to the squid log file.
- -o: Specify the output path of the web page report file. It is recommended to use webmaster or other non admin users to run sarg.
- -p: Use IP address as userid domain
- -w: Specify the temporary file directory, and confirm that the partition where the directory is located is large enough, more than 1G.
3, Plan task
sarg can be made into a planned task and executed regularly.
# vim /usr/local/sarg/daily.sh / / daily newspaper #!/bin/bash #Get current date TODAY=$(date +%d/%m/%Y) #Get one week ago today YESTERDAY=$(date --date "1 day ago" +%d/%m/%Y) /usr/local/bin/sqmgrlog -l /usr/local/squid/logs/access.log -o /var/www/html/sarg -z -d $YESTERDAY-$TODAY &> /dev/null exit 0 # chmod +x /usr/local/sarg/daily.sh # crontab -e / / add a scheduled task and execute it at 0:00 every day 00 00 * * * /usr/local/sarg/daily.sh # chkconfig crond on
In addition to daily reports, you can also write weekly reports, monthly reports and send reports by mail. Please refer to the following script:
Weekly report: ------------------------------------- #!/bin/bash #Get current date TODAY=$(date +%d/%m/%Y) #Get one week ago today YESTERDAY=$(date --date "1 week ago" +%d/%m/%Y) /usr/local/bin/sqmgrlog -l /usr/local/squid/logs/access.log -o /usr/local/apache/htdocs/reports/weekly -z -d $YESTERDAY-$TODAY exit 0 Monthly report: ------------------------------------- #!/bin/bash #Get current date TODAY=$(date +%d/%m/%Y) #Get one week ago today YESTERDAY=$(date --date "1 month ago" +%d/%m/%Y) /usr/local/bin/sqmgrlog -l /usr/local/squid/logs/access.log -o /usr/local/apache/htdocs/reports/monthly -z -d $YESTERDAY-$TODAY /usr/local/squid/bin/squid -k rotate exit 0 Send report by mail: ------------------------------------- #!/bin/bash #Get current date TODAY=$(date +%d/%m/%Y) #Get one week ago today YESTERDAY=$(date --date "1 day ago" +%d/%m/%Y) /usr/local/bin/sqmgrlog -l /usr/local/squid/logs/access.log -e user@site.com -z -d $YESTERDAY-$TODAY exit 0
4, Frequently asked questions
When installing the rpm package, it cannot be installed and an error is reported
warning: *.rpm: Header V3 RSA/SHA256 Signature, keykey ID c105b9de:
resolvent:
Add -- force --nodeps at the end of the RPM statement to replace rpm with - IVH * Change rpm to rpm -ivh * RPM -- force --nodeps is OK.
nodeps means ignoring dependencies. In the Linux environment, there will be more or less related dependencies between software. With these two settings, you can ignore these dependencies and force installation or uninstallation.
For example:
rpm -ivh gd-devel-2.0.35-11.el6.x86_64.rpm --force --nodeps
Or try uninstalling:
Through man rpm, it is found that -- allmatches can solve this problem.
For example:
# rpm -e --allmatches --nodeps gd*
An error is reported when executing sarg command
# sarg SARG: Unknown sort order "BYTES" for parameter "topuser_sort_field"
resolvent:
Edit Sarg Conf configuration file, the contents of line 184 in the file are: topuser_ sort_ Remove BYTES in field connect BYTES reverse;
# vi /etc/sarg/sarg.conf 184 topuser_sort_field connect BYTES reverse
Then execute the command sarg;
# sarg SARG: Record on file: 0, reading: 100.00% SARG: No record found SARG: end
last
Share with you an immortal document of Java high concurrency core programming compiled by front-line development Daniel, which mainly contains knowledge points: multithreading, thread pool, built-in lock, JMM, CAS, JUC, high concurrency design mode, Java asynchronous callback, completable future class, etc.
Document address: A divine article explains java multithreading, lock, JMM, JUC and high concurrency design pattern clearly
Code words are not easy. If you think this article is useful to you, please give me one button three times! Pay attention to the author, there will be more dry goods to share in the future, please continue to pay attention!