Hi Scott Sharkey ,
Tuesday, June 28, 2005, 10:40:02 AM, you wrote:
> Hi All,
> I have a need for a service or software that will monitor and track
> outbound HTTP (web) accesses, and report what pages are being visited.
> I know that Squid theoretically can do this, but it seems like overkill
> for this application. The user could care less about caching - they
> just want to monitor what URL's their staff is visiting.
> IS squid the best option, or is there something else that would do a
> better job? Part of my concern is that the machine they have to run
> this on does not have a huge amount of memory, and I understand Squid
> can be a memory hog.
tcpdump on the linux/firewall gateway:
/usr/sbin/tcpdump -t -a -p -i eth0 tcp and dst port 80 > /log/port80_`date '+%F-%A'`t80_`date'+%F-%A'`.tcpdump
eth0 is the internal interface, if you want to know which work
station is going where.
This will create the file, and its need to be terminated every day for
a new file to be created with the new date.
1 0 * * * /usr/sbin/tcpdump -a -t -p -i eth0 tcp and dst port 80 > /log/port80_`date '+%F-%A'`.tcpdump
57 23 * * * kill `ps axc | awk '/tcpdump/ { print $1 }'`
--
Thanks
http://www.911networks.com
When the network has to work Cisco/Microsoft