Free-SA is statistic analyzer for daemons log files similar to SARG. Its main advantages over SARG are much better speed (7x-20x times), more reports support, crossplatform work and W3C compliance of generated HTML/CSS reports code.
Free-SA objectives:
– Control of users traffic usage;
– Help IT security officers to control internet access security policies and
investigate IT security incidents;
– Evaluate server efficiency to detect troubles with configuration;
– Be crossplatform and generate W3C compliant reports.
Free-SA currently support following log formats:
– Squid 2.x native log format,
– CERN/NCSA Common Log Format (CLF),
– CERN/NCSA Combined Log Format (in similar to CLF way),
– Postfix 2.x over syslog log format (EXPERIMENTAL),
– Qmail over syslog log format (EXPERIMENTAL),
– NetCache via Squid 2.x native log format (EXPERIMENTAL);
– Blue Coat via Squid 2.x native log format (EXPERIMENTAL);
– Communigate pro 5.x native log format (VERY EXPERIMENTAL).
Free-SA Installation
Download latest version
http://downloads.sourceforge.net/project/free-sa/free-sa-dev/2.0.0b5p15/free-sa-2.0.0b5p15.tar.gz
Edit global.mk file to set your operating system profile via special OSTYPE
variable and then type:
make install # to compile and install
make # to compile only
make release # to compile and strip binaries
Notes:
1. ‘make install’ command implies release, i.e. it strips all binaries.
2. For CentOS you may use either redhat-* or altlinux-* OSTYPE.
3. ‘native’ word in the middle of operating system profile name means compilation for your current platform only. It will produce code suitable to run only on
current system or on one similar to this by CPU architecture. If you are not satisfied with such behavior then you may modify operating system profile
which is located in ‘configs’ directory (just set SARCH variable to attract your preferred CPU). It is also recommended to save modified by you operating
system profile for use in future.
4. For rare and unknown platforms there is default ‘generic-any-cc’ operating system profile. Please note that it has disabled long file support as well as
support for thousands separator.
After installation you may also wish to:
1. Move free-sa.conf.sample, located at ETCDIR (according to operating system profile settings), to free-sa.conf. It is useful in case of your first
free-sa installation.
2. Run ‘man free-sa.conf‘ command for free-sa configuration file format description and then edit your free-sa.conf appropriately.
3. Run ‘man free-sa‘ or ‘free-sa -h‘ command to get command line options list and their description and then run ‘free-sa’ command with appropriate options.