PaulDotCom mailing list archives

Web Traffic Monitoring à la Span Port

From: aqabiz at gmail.com (Abdul Qabiz)
Date: Thu, 17 Dec 2009 02:11:29 +0530

I am sure there must be a lot of tools like that. Some routers can give 
you complete logs, even home class routers (netgear, etc) do have 
logging capabilities (email the logs when its full, or regular 
intervals. In logs, you would get sites, ip, time). I am sure you can 
find a script that can generate various reports after parsing the logs.

This is the best I can think of, apart from the tools like wireshark, 
ettercap, etc which can run in promiscuous mode. Though, I am not sure 
if there is built-in facility to give reporting as you require.



On 16/12/09 11:59 PM, Joe Magee wrote:


Hey Everyone,

I had a quick question, is there any good open source tools that do 
web traffic monitoring? (i.e. promiscuous mode eth interface off of a 
spans port?) I'm interested in doing some basic monitoring and ideally 
sending those logs to a SIEM tool.

I know proxy's have this logging capability, however I was hoping to 
be able to snag it off the wire and possibly answer questions such as: 
What sites are my users visiting? How many hours per day are they 
browsing the internet?

Thanks in advance!

Joe

*Joe Magee*

/Chief Technology Officer/

Cell +1-617-921-8671

Office +1-201-324-1800 x202

vigilant-logo.jpg

*/securing and enabling dynamic business/*

www.thevigilant.com <http://www.thevigilant.com/>


_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091217/f9b00d1a/attachment.htm 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 1661 bytes
Desc: not available
Url : http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091217/f9b00d1a/attachment.jpeg

Current thread:

Web Traffic Monitoring à la Span Port Joe Magee (Dec 16)
- [Pauldotcom] Web Traffic Monitoring à la Span Port genesiswave at gmail.com (Dec 16)
- Web Traffic Monitoring à la Span Port Abdul Qabiz (Dec 16)
- [Pauldotcom] Web Traffic Monitoring à la Span Port Nick Baronian (Dec 16)