Hi all,
On Sat, 22 Mar 2014, Viacheslav Dubrovskyi wrote:
22.03.2014 21:20, Stathis Gkotsis пишет:
First, I would like to thank you for the great product, pmacct has
proven very useful to me, which brings me to my question :) I see that
it is possible to enable traffic classification, which is about
detecting L7 protocol. I am particularly interested in HTTP and also
outputting the hostname or url, e.g. in exports via the print module.
Is this somehow possible?
IMHO better use special tools https://github.com/jbittel/httpry
I'm also interested in this. Even if it's captured by a separate tool (and
I'm not sure why it couldn't be integrated with pmacct's L7 classifiers) I
would really like to be able to log http and https hostnames of
connections, and correlate them with flows recorded by pmacct and DNS
requests and responses.
It's not clear that httpry can log the source and destination host and
port at all, let alone store it in a SQL database (no sample output is
provided), and presumably it does nothing with https.
Cheers, Chris.
--
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Citylife House, Sturton Street, Cambridge, CB1 2QF, UK
Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.
___
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
