[TriLUG] web traffic capturing software

John Broome jbroome at gmail.com
Mon May 11 11:39:23 EDT 2009


Chris Bullock wrote:
> We need a solution to be able to track a users Internet use.  We currently use OpenBSD firewalls and Windows on the desktop.  
> We recently had a call from a customer that had been notified that her credit had been attempted to be used and that the only person she had given the number to was an employee of ours.  when looking in the pf logs it appears that our logs rotate every hour and we only keep 4 rotated logs.  
> We need a solution that we can "easily" search for a website or computer and be able to get a report of computers that have accessed that web site or be able to get a list of web sites that a specific computer has accessed.  I know squid is out there but do not know any of the specifics of the software.
> Regards,
> chris

Could you tweak logrotate to keep more logs, or rsync them off to
another box before they rotate out?

I used tinyproxy at another client for whitelisting web sites for some
machines (on OBSD, whoo!).

I'm sure you could transparently proxy your users through that, without
any filtering to get your traffic logs per user.



More information about the TriLUG mailing list