[TriLUG] kinda a sniffer, kinda a snort, kinda weird
Greg Brown
gwbrown1 at gmail.com
Fri Aug 26 15:40:03 EDT 2005
Does anyone know anything that will pull in data on a listening
interface (from a span port on a Cisco, for instance) that will log
traffic to a database then present a break-down of what that person
did, what protocols they used, what websites they visited, etc? Kind
of an intellignet traffic reporter? A watchdog so to speak? Does
anyone know of a linux/bsd package that will do this?
The front-end has to be fairly simple, something a non-techincal
manager can look at and go "holy crap, employee X is visiting
monster.com 450000 times per day, while only hitting the web app they
are supposed to enter data in 10 times a day".
I've never seen a commerical app to do this so I'm having a hard time
saying "just like product X, only linux-based and free".
Any ideas?
Greg
More information about the TriLUG
mailing list