DansGuardian Documentation Wiki

You are here: Main Index » identity_logging


|

Wiki Information

Differences

This shows you the differences between the selected revision and the current version of the page.

identity_logging 2009/06/12 23:23 identity_logging 2009/12/17 00:21 current
Line 1: Line 1:
===== Setting Up Identity Logging ===== ===== Setting Up Identity Logging =====
-One part of [[Group Configuration|setting up Multiple Filter Groups]] is identification of individuals in the logs. Occasionally this identification of individuals in the logs is //all// you want; you don't need or want Multiple Filter Groups. If this is all you want:+One part of [[Group Configuration|setting up Multiple Filter Groups]] is identification of individuals in the logs. Occasionally this identification of individuals in the logs is //all// you want; you don't need or want Multiple Filter Groups. If this is all you want (assuming you've configured <color #351>anonlymizelogs=off</color>):
  - Set up some [[User Identification Methods|User Identification Method]]. This probably requires enabling at least one <color #351>authplugin</color> line in 'dansguardian.conf', and in many cases extending your Squid configuration.   - Set up some [[User Identification Methods|User Identification Method]]. This probably requires enabling at least one <color #351>authplugin</color> line in 'dansguardian.conf', and in many cases extending your Squid configuration.
Line 10: Line 10:
Whether or not users who supply bogus credentials will be able to access the web anyway depends on exactly how you extend the Squid configuration. You could for example allow users to specify any old credentials they wish by selecting a Squid helper program that "always succeeds". But then you couldn't stop users from impersonating each other, and you'd likely have web activity identified with the likes of "Elvis Presley". Whether or not users who supply bogus credentials will be able to access the web anyway depends on exactly how you extend the Squid configuration. You could for example allow users to specify any old credentials they wish by selecting a Squid helper program that "always succeeds". But then you couldn't stop users from impersonating each other, and you'd likely have web activity identified with the likes of "Elvis Presley".
 +
 +(If you're sure you're generating some sort of user identification [usernames or client IP addresses], but it still doesn't appear in the logs [i.e. "no username in access.log"], check the configuration setting <color #351>anonymizelogs</color>. Assuming your local laws and your policies allow information that could identify an individual to be logged, it should be <color #351>anonymizelogs=off</color>.)
 +