Re: [Pauldotcom] Web Traffic Monitoring à la Span Po rt

[Abdul Qabiz]

I am sure there must be a lot of tools like that. Some routers can give you complete logs, even home class routers (netgear, etc) do have logging capabilities (email the logs when its full, or regular intervals. In logs, you would get sites, ip, time). I am sure you can find a script that can generate various reports after parsing the logs. This is the best I can think of, apart from the tools like wireshark, ettercap, etc which can run in promiscuous mode. Though, I am not sure if there is built-in facility to give reporting as you require. On 16/12/09 11:59 PM, Joe Magee wrote: Hey Everyone,   I had a quick question, is there any good open source tools that do web traffic monitoring? (i.e. promiscuous mode eth interface off of a spans port?) I’m interested in doing some basic monitoring and ideally sending those logs to a SIEM tool.   I know proxy’s have this logging capability, however I was hoping to be able to snag it off the wire and possibly answer questions such as: What sites are my users visiting? How many hours per day are they browsing the internet?   Thanks in advance!   Joe   Joe Magee Chief Technology Officer Cell +1-617-921-8671 Office +1-201-324-1800 x202     securing and enabling dynamic business www.thevigilant.com   _______________________________________________ Pauldotcom mailing list Pauldotcom@mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom@mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com