README
1================================================================================
2This is a README file for the free-sa program, version 2.0.0 or higher
3
4 Copyright (C) 1997, 2006-2013 Oleg Sapon <xsov@mail.ru>
5
6 SortTable code Copyright (C) 2007 Stuart Langridge
7 http://www.kryogenix.org/code/browser/sorttable/
8
9 This file is part of free-sa.
10
11 This program is free software: you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation, either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23
24 For tranlations authors check THANKS file.
25================================================================================
26
27Free-SA is statistic analyzer for daemons log files similar to SARG. Its main
28advantages over SARG are much better speed (7x-20x times), more reports support,
29crossplatform work and W3C compliance of generated HTML/CSS reports code. It's
30written in C and is free part of commercially available RBSec-SA suite. You may
31check platform requirements in README.DEV file.
32
33Free-SA objectives:
34- Control of users traffic usage;
35- Help IT security officers to control internet access security policies and
36 investigate IT security incidents;
37- Evaluate server efficiency to detect troubles with configuration;
38- Be crossplatform and generate W3C compliant reports.
39
40Free-SA currently support following log formats:
41 - Squid 2.x native log format,
42 - CERN/NCSA Common Log Format (CLF),
43 - CERN/NCSA Combined Log Format (in similar to CLF way),
44 - Postfix 2.x over syslog log format (EXPERIMENTAL),
45 - Qmail over syslog log format (EXPERIMENTAL),
46 - NetCache via Squid 2.x native log format (EXPERIMENTAL);
47 - Blue Coat via Squid 2.x native log format (EXPERIMENTAL);
48 - Communigate pro 5.x native log format (VERY EXPERIMENTAL).
49
50IMPORTANT NOTICE: FREE-SA IS LOCALE DEPENDENT! IT MEANS:
51* FREE-SA LOCALE SHOULD BE EQUAL TO PROXY LOCALE
52 (you can play with LC_ALL shell variable at free-sa side)
53* FREE-SA TIMEZONE SHOULD BE EQUAL TO PROXY TIMEZONE
54 (you can play with TZ shell variable at free-sa side)
55* RUNTIME LOCALE CHARSET FOR FREE-SA SETS CHARSET FOR ALL HTMLs
56 (you can use iconv to convert translation files at free-sa side)
57
README.DEV
1PLEASE CHECK FIRST LOCALE NOTES IN README!
2
3- W3C HTML 4.01 allows not set </TR>, </TD> and </TH> elements
4- W3C HTML 4.01 requires to set alt (minimum alt="") attribute for <IMG> tag
5- W3C HTML 4.01 allows not type " (double quotes) for colspan, cellspacing, cellpadding and class attributes
6
7It is allowed to use calls, which conforms to any of listed standards (PLATFORM REQUIREMENTS):
8- ISO 9899 (C99);
9- ANSI C;
10- any POSIX (i.e. POSIX.2, POSIX 1003.1-2001 ...);
11- SVID 3;
12- The Single UNIX(R) Specification, Version 2 (SUS).
13
14It is DISALLOWED to use:
15- calls, which conforms ONLY to BSD or GNU standards (or both of those);
16- extensions to calls, which conforms ONLY to BSD or GNU standards (or both of those).
17
18
19==========================
20=== Naming conventions ===
21==========================
22Variables:
23TU(R) - Top Users (Report)
24TS(R) - Top Sites (Report)
25U(R) - User (Reports)
26UF(R) - User FullURL (Reports)
27UD(R) - User Datetime (Reports)
28UG(R) - User Graphs (Reports)
29LF(R) - Local Filter (Reports), was TT(R)
30I(R) - Index Report (root of all reports)
31DF - Description File
32Indic - indicators
33t* - temporary * variable
34url* - per URL * variable
35tl* - total * variable
36cc* - per user total * variable
37cfg.* - configuration * variable
38iname - internal name (for now ip or username)
39o* - old * variable
40i* - function input * variable
41
42Macros:
43*SIZE - integer/long (includes '\0'), userful for array size, malloc, fgets
44*LEN - string, (not includes '\0'), useful for scanf
45