[TriLUG] Web Usage Tracking...
Thu, 27 Sep 2001 20:29:23 -0400
On Thursday 27 September 2001 06:24 pm, you wrote:
> > You could set ipchains to log all outgoing packets destined for ports
> > 80, 443, and 8008. This would give you basic traffic analysis. Not
> > perfect or elegant, but it's quick and easy.
> Heck, go ahead and log everything, but make sure you put in a scsi disk
> sub-system for the firewall or your performance is going to take a hit.
> I have a couple of firewalls based on RH6.2 and they work great for logging
> and I can even tell in real time what is going on:
> netstat -Mn |grep 80
> tells me who is using the web and for what. I have cron jobs pull the top
> 10's out of my logs nightly and then flush the logs after seven days.
OK, can you give me an example of the cron job you use for that? (I assume
the logs to which you refer are the packet logs...)