[TriLUG] web traffic capturing software

Chris Bullock cgbullock at yahoo.com
Mon May 11 15:54:41 EDT 2009


Big problem I see with using the logs in OBSD is that it only give the IP address, or nasty DNS name like 'ev1s-209-85-66-221.theplanet.com'

--- On Mon, 5/11/09, John Broome <jbroome at gmail.com> wrote:

> From: John Broome <jbroome at gmail.com>
> Subject: Re: [TriLUG] web traffic capturing software
> To: "Triangle Linux Users Group General Discussion" <trilug at trilug.org>
> Date: Monday, May 11, 2009, 8:39 AM
> Chris Bullock wrote:
> > We need a solution to be able to track a users
> Internet use.  We currently use OpenBSD firewalls and
> Windows on the desktop.  
> > We recently had a call from a customer that had been
> notified that her credit had been attempted to be used and
> that the only person she had given the number to was an
> employee of ours.  when looking in the pf logs it
> appears that our logs rotate every hour and we only keep 4
> rotated logs.  
> > We need a solution that we can "easily" search for a
> website or computer and be able to get a report of computers
> that have accessed that web site or be able to get a list of
> web sites that a specific computer has accessed.  I
> know squid is out there but do not know any of the specifics
> of the software.
> > Regards,
> > chris
> 
> Could you tweak logrotate to keep more logs, or rsync them
> off to
> another box before they rotate out?
> 
> I used tinyproxy at another client for whitelisting web
> sites for some
> machines (on OBSD, whoo!).
> 
> I'm sure you could transparently proxy your users through
> that, without
> any filtering to get your traffic logs per user.
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
> 


      



More information about the TriLUG mailing list