# Sarg does not create reports

## localghost

Sarg does not create reports when I run it, either in a terminal window or with the sarg webmin module. It say it didn't find any records. Strange, because /var/log/squid/access.log is filled with records.

This is my (stripped) /etc/sarg/sarg.conf:

```
language Dutch

access_log /var/log/squid/access.log

title "Squid User Access Reports"

font_face Arial

header_color darkblue

header_bgcolor blanchedalmond

header_font_size -1

background_color white

text_color black

text_bgcolor beige

title_color green

logo_image none

logo_text ""

logo_text_color black

image_size 80 45

background_image none

temporary_dir /tmp

output_dir /var/www/localhost/htdocs/squid-reports

resolve_ip yes

user_ip no

topuser_sort_field "BYTES reverse"

user_sort_field "BYTES reverse"

exclude_hosts /etc/sarg/exclude_hosts

date_format e

remove_temp_files yes

index yes

overwrite_report yes

records_without_userid everybody

use_comma no

topsites_num 100

topsites_sort_order "CONNECT D"

index_sort_order D

exclude_codes /etc/sarg/exclude_codes

max_elapsed 28800000

long_url no

date_time_by bytes

charset Latin1

show_successful_message yes

show_read_statistics yes

topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE

user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE

site_user_time_date_type table

weekdays 0,1,2,3,4,5,6

hours 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23

show_sarg_info yes

displayed_values bytes

report_type "topsites sites_users users_sites date_time denied auth_failures site_user_time_date"
```

What might be wrong here?

By the way, the sarg webmin module shows this:

```
Now generating Sarg report from Squid log file /var/log/squid/access.log and all rotated versions ..

sarg -l /var/log/squid/access.log -d 26/12/2004-05/04/2005

SARG: Records in file=0 Reading=1 Rest=-1

SARG: Records in file=0 Reading=2 Rest=-2

SARG: Records in file=0 Reading=3 Rest=-3

SARG: Records in file=0 Reading=4 Rest=-4

SARG: Records in file=0 Reading=5 Rest=-5

SARG: Records in file=0 Reading=6 Rest=-6

SARG: Records in file=0 Reading=7 Rest=-7

SARG: Records in file=0 Reading=8 Rest=-8

SARG: Records in file=0 Reading=9 Rest=-9

SARG: Records in file=0 Reading=10 Rest=-10

...

SARG: Records in file=0 Reading=8400 Rest=-8400

SARG: Records in file=0 Reading=8401 Rest=-8401

SARG: Records in file=0 Reading=8402 Rest=-8402

SARG: Records in file=0 Reading=8403 Rest=-8403

SARG: Records in file=0 Reading=8404 Rest=-8404

SARG: Records in file=0 Reading=8405 Rest=-8405

SARG: Records in file=0 Reading=8406 Rest=-8406

SARG: Records in file=0 Reading=8407 Rest=-8407

SARG: Records in file=0 Reading=8408 Rest=-8408

SARG: Records in file=0 Reading=8409 R

.. Sarg failed! See the output above for details.
```

And in a terminal I get a segmentation fault.

----------

## Robert S

Try manually compiling the latest version from the sarg homepage.  It works, but I couldn't get the ./configure script to work.  Just do "make".

You might be able to get this to work with a bit of hacking around (it works for me):

# /usr/local/portage/net-analyzer/sarg/sarg-2.0.6.ebuild

inherit eutils

DESCRIPTION="Sarg (Squid Analysis Report Generator) is a tool that allows you to view where your users are going to on the Internet."

HOMEPAGE="http://web.onda.com.br/orso/sarg.html"

#SRC_URI="http://web.onda.com.br/orso/${P}.tar.gz"

SRC_URI="file:/usr/portage/distfiles/${P}.tar.gz"

LICENSE="GPL-2"

SLOT="0"

KEYWORDS="~x86 ~amd64"

IUSE=""

DEPEND=""

RDEPEND=">=net-proxy/squid-2.5.1"

src_unpack() {

        unpack ${A}

        cd ${S}

#       epatch ${DISTDIR}/sarg-1.4.1-index.sort.patch

#       epatch ${FILESDIR}/sarg-2.0.6.fix.patch

}

src_compile() {

        rm -rf config.cache

#       ./configure \

#               --enable-bindir=/usr/bin \

#               --enable-mandir=/usr/man/man1 \

#               --enable-sysconfdir=/etc/sarg || die "./configure failed"

        emake || die

}

src_install() {

        dodir /etc/sarg /usr/bin /usr/man/man1

        make \

                BINDIR=${D}/usr/bin \

                MANDIR=${D}/usr/man/man1 \

                SYSCONFDIR=${D}/etc/sarg \

                install || die

}

----------

## ItJustMe

I have found something

```
mail squid # sarg -v

SARG Version: 2.2.2 Aug-29-2006

mail squid # squid -v

Squid Cache: Version 2.6.STABLE5

```

Check your access.log. It must not contain leading space in each line!

Error is in default squid.conf in line

logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt

Here is additional space between "logformat squid" and "%ts". Just remove it.

And you can process your existing squid logs (with leading space) through sed:

```
sed s/^ // access.log > new.log
```

----------

