Hi all, I'm trying to find or build a simple program to run on my Ubuntu Linux server that takes the syslog files or SNMP info from my Cisco Pix 515e and gives me a bandwidth utilization of employees and the sites/services they are using.
The issue is, my company currently has 1 T1, which is being maxed out. I can see with MRTG (Multi Router Traffic Grapher) that the internal and external interfaces are being pegged with downloads for periods of time. I thought maybe it was a DoS attack, but the bandwidth utilization of the internal and external ports match pretty uniformly. Now I just need to figure out who's using the bandwidth and why. My guess is internet radio or other non-work related websites, but need to log it.

Another issue is that the Pix syslog doesn't report data size, which makes it hard to determine network abusers. I found `fwanalog`, which analyzes the syslog file for `Denied` connections, but I can't find much help with configuring it to report `Accepts`.

Thanks for any suggestions you have. See you soon.

Nathan.

-----------------------
Nathan Faust
Systems Administrator
Merchant Warehouse
Two International Place
Fourth Floor
Boston, MA 02110
Phone: 617.896.5558
Fax: 617.854.8923
http://www.merchantwarehouse.com/
