Monitor Web Traffic

I have deployed Leopard Server running on an older PowerMac G5 for use as an Internet Gateway in an office of about 40 people. The owner of that company is now saying that she suspects some employees of wasting time online instead of getting work done. Is there any way to configure Leopard Server to record sites visited by client systems?
The server is running server 10.5.6 and is offering the following services:
DHCP
DNS
NAT
Firewall

You're looking for grains of sand in mountains of data. And you don't know what the particular grains you're looking for look like, and the identities of the grains shift near-continuously. Even with enterprise-scale storage pools and enterprise-scale processing and a team that tracks the sites, you'll still miss piles of interesting and relevant access details with tcpdump or such. (With the increasing use of fast-flux DNS and of breached hosts, DNS-based tracking is somewhere between difficult and futile; the malware sites adapt faster than the defenses can react and register.)
DNS gets you domain names, which may or may not be interesting. It's easy enough to mask domains, too. And you can also snag activity off the local DNS server, if you do decide to go that way.
As for fully-packaged options, Barracuda Networks, F5, Foundry, and a number of other vendors offer gateways that deal with spam, antivirus and web access monitoring and web content. There are various names and trade names for these boxes, including Unified Threat Management. Toss one of these boxes at the problem as a budgetary test, if nothing else. As a test of how serious this request is.
This reply very deliberately ignores the organizational implications and the inherent politics of the task you've been given here, as well.

Similar Messages

  • SA540 - Monitor Web Traffic (How to)?

    Just as the title reads, I'm looking for a way to monitor what traffic is going through my SA540.  Looking for what websites are being accessed.
    Not sure how to do this.  Can anyone assist?
    Thanks in advance!

    I looked into OPENDNS several months ago and seems like it was kinda expensive for commercial usage.  It wasn't an option.
    I was looking at the Status/Reports section of my 540 and it sounds like it gives the top 10 websites visited.  Does this sound correct?
    Of course Content Filtering must be turned on.  I assume turning on Content Filtering does nothing until allowed or blocked URL data is present?
    k

  • App that monitors web traffic

    I have a G3 PowerBook that I use as a web server. I am looking for a web site stats app that monitors all port hits, IP traffic in & out of the machine & hosted web sites, so I can see who consults the websites I am hosting. I am not running OS X Server as I don't really need it & it is just too complicated. Any ideas?

    This might provide some of what you want at least...
    WaterRoof is a firewall management frontend with bandwidth tuning, NAT setup, port redirection, dynamic rules tracking, predefined rule sets, wizard, logs, statistics and other features...
    http://www.macupdate.com/info.php/id/23317

  • Monitoring Web traffic.

    Hi there.
    I've been asked by a client to generate a report of website access from within their office. I thought of using the DNS log to filter out the access, but it does not seem to log the information I need.
    Does anyone know of any software I can run on my server that will log the internet traffic of users? Currently all the users use the server for DNS so I guess that should help in some way.

    You can turn on DNS query logging, but that probably won't help much.
    For one, a DNS lookup doesn't necessarily indicate a web site access. More importantly DNS records are cached, so once the client has looked up a site once, they will continue to use that cached reply for hours (or even days), so your DNS logs won't reflect those accesses.
    The best way of doing this is to implement a proxy server. Configure the clients to talk through the proxy server and use the proxy server logs to track access.
    There are a number of proxy servers that can do this. Apache has one built-in, but a better option for this kind of setup would be Squid.
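What the proxy logs recommended in the answer above can be turned into, as an added example that is not part of the original thread: a parser for Squid's native access.log format that builds a per-client site report. The sample lines are constructed; HTTPS requests show up only as `CONNECT host:port` entries, and cache hits are still logged, unlike cached DNS lookups.

```python
"""Per-client site report from a Squid access.log (native log format)."""
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# Constructed sample lines, not taken from the thread. Native-format fields:
# time elapsed client result/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1233651000.101    212 192.168.1.20 TCP_MISS/200 18342 GET http://news.example.com/index.html - DIRECT/198.51.100.10 text/html
1233651001.500     40 192.168.1.20 TCP_HIT/200 5120 GET http://news.example.com/logo.png - NONE/- image/png
1233651010.250  30514 192.168.1.31 TCP_MISS/200 90211 CONNECT mail.example.org:443 - DIRECT/203.0.113.5 -
1233651020.750     95 192.168.1.31 TCP_DENIED/403 1450 GET http://games.example.net/play - NONE/- text/html
this line is truncated
"""


def parse_line(line):
    """Return a dict for one native-format line, or None if it is malformed."""
    fields = line.split()
    if len(fields) < 10:
        return None
    try:
        timestamp = float(fields[0])
        size = int(fields[4])
    except ValueError:
        return None
    result, _, status = fields[3].partition("/")
    method, url = fields[5], fields[6]
    if method == "CONNECT":
        # HTTPS tunnel: the proxy sees host:port only, never the path.
        host = url.rsplit(":", 1)[0]
    else:
        host = urlsplit(url).hostname or url
    return {"time": timestamp, "client": fields[2], "result": result,
            "status": status, "bytes": size, "method": method,
            "host": host.lower()}


def site_report(log_text):
    """Return ({client: Counter(host -> requests)}, malformed_line_count)."""
    report = defaultdict(Counter)
    skipped = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        entry = parse_line(line)
        if entry is None:
            skipped += 1
            continue
        # TCP_HIT (served from cache) and TCP_DENIED requests count too:
        # the proxy logs every request the client made.
        report[entry["client"]][entry["host"]] += 1
    return dict(report), skipped


if __name__ == "__main__":
    report, skipped = site_report(SAMPLE_LOG)
    for client, hosts in sorted(report.items()):
        for host, hits in hosts.most_common():
            print(f"{client:15} {host:25} {hits}")
    print(f"skipped {skipped} malformed line(s)")
```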

  • Using 2801 for web/traffic monitoring

    We have a 'guest' internet network that is open for anyone who is a 3rd party and/or guest in our building. This is a separate vlan and basically just pipes them out to the internet so they can access their company email etc. Currently, we have an old Linksys router running this show and it's getting tired looking. We have a spare 2801 router and I was wondering if it is possible to monitor connections, traffic or some sort of log of what's going on/who's connecting to what external IPs and ports.
    I know we could leverage nbar, I guess netflow? On the Linksys there is an inbound/outbound access log that quickly tells you local IP -> external IP & port so you can quickly check who's connecting to what.
    Apart from possibly netflow and some 3rd party software to view the data, anything quick and dirty I can use direct on the router itself? (It will also be handing out DHCP and services this network alone, so there is no other 'infrastructure' involved , so to speak)
    cheers,
    A

    Hi Craig,
    I think, through BI Monitoring Query Runtime Statistics, you can achieve this.
    Please check these links:
    http://help.sap.com/saphelp_nw2004s/helpdata/en/44/08a75d19e32d2fe10000000a11466f/frameset.htm
    http://help.sap.com/saphelp_nw70/helpdata/en/c3/0dec3b6e011341e10000000a114084/frameset.htm
    Regards
    CSM Reddy

  • Is there program for precise measuring of web traffic in/out my Mac?

    Some ISPs have their proprietary web traffic/usage indicators, but they are crude, of no use for precise measurements.
    Widgets are of no help either.
    Is there a program which can display the internet traffic in/out of a computer at any given moment and display it instantly?
    Ideally, able to display live (or by manual update) what the traffic is to/from websites visited, email in/out data flow and creating a log, so I can have a record what exactly the web usage is, for example, for last 1 hour/1 day/1 week.
    Is there such a program?
    Thanks in advance

    I've been using SurplusMeter waiting for AT&T U-verse to get their usage meter going (3 months of waiting) due to the caps they (supposedly) imposed on May 2, 2011.  They still haven't gotten their meter working and it's not clear the caps are being imposed (250 GB/month).  But I wanted to get an idea of how much I was using so I decided on SurplusMeter.
    SurplusMeter has a number of nice features.  But without any other measurement tool to correlate it with I have no idea how accurate it is. One thing I do know however is that in the case of U-verse, where all traffic goes through a U-verse provided router (they call it the "resident gateway") I can only measure the traffic in and out of my computer, not in and out of the router (no, there's no separate info in the router to give me this info or I wouldn't have needed SurplusMeter).
    FWIW, there are other utilities that can give you some of this info or present it in different ways.  Here's a few others I looked at before choosing SurplusMeter:
    Net Monitor
    ProteMac Meter
    TraffiX
    UsageTracker

  • How to configure DNS server to redirect all web traffic to one external website?

    I'd like to use the DNS service on my OS X Server as a way to force all web traffic to one specific, external website. Not quite sure how to go about configuring it, though - any recommendations?
    (BTW, this is, obviously, not our primary DNS server; I intend to silently update the preferred DNS server for users who fail to complete their timesheets in order to force the issue)

    Web clients don't generate uniquely-identifiable DNS queries; there's no SRV request or related traffic that you could select on and spoof.  So if you do implement this, everything querying the spoofing DNS server will get the spoofed host, or you'll have to spot specific queries that are likely web queries; Facebook, Google, Bing, etc. 
    If you still want to implement this, then I'd probably replace the DNS server with a runt DNS server (maybe hack dnsmasq or maraDNS, or create yourself a trivial DNS server) and have that always return the specified IP address.  This avoids having to hack BIND to be universally authoritative, which is probably on par with hacking a simpler DNS server to always return a fixed IP address, and the latter is probably easier to undo.
    A firewall can spot TCP port 80 and port 443 traffic, unlike a DNS server.   Firewalling outbound port 80 traffic is more typical of these requests, and either trap that traffic to a specific web page based on the capabilities of the firewall, or the web proxy approach that Camelot suggests.  There are folks that tie access into the web proxies into external authentication and related; that'd be able to do what you want.   Web proxies are usually combined with firewall blocks, as most sites want only the web proxy to have external access, too.  But this is also rather more pieces than a DNS redirect, too.

  • How to get polipo proxy to transparently handle web traffic?

    hello there,
    I've got a router PC at home. It runs privoxy so that any PC on my local network can browse the Internet in a reasonably secure way, with no ads and such.
    Because we often visit the same websites, I thought that'd be a good thing to set up a caching proxy. I tried Squid, but found it difficult to configure, slow to start, etc. so I finally chose polipo, which is much lighter and simpler.
    On the web, many sources advise to have the following setup:
    1) local -- privoxy -- polipo -- internet
    I got such a setup, but I'd like to try the following instead:
    2) local -- polipo -- privoxy -- internet
    In my opinion it's more relevant because:
    - my router is quite old, and I think it would be lighter on resources to serve already privoxied cached pages, rather than having privoxy process every cached page
    - in terms of privacy, it's generally advised not to have a parent proxy on top of privoxy
    Privoxy acts as an intercepting proxy, so setup 1) was quite easy to configure. Web traffic is redirected to privoxy, then privoxy forwards it to polipo.
    Polipo does not act as an intercepting proxy, because its developer considers that "interception proxying is a fundamentally broken design [...], and will not be supported by Polipo". So far, the only possible workarounds I found are:
    - configure browsers to use polipo: not suitable, I want any local network computer to be able to transparently connect to the internet
    - use yet another proxy to intercept traffic...
    - or, from polipo docs :
    If you want to use interception proxying in order to avoid manually configuring your clients, please use Netscape's proxy.pac auto-configuration (you don't need a separate web server, as a proxy.pac file can be served by Polipo's internal server).
    It gives link pointing to http://wp.netscape.com/eng/mozilla/2.0/ … -live.html which is dead.
    So, in short: is there a way to transparently route my web traffic through polipo?
    Thanks for any guidance.

    Not sure if you're still looking for a solution, but I could think of a couple possible ways to redirect the traffic. One would be rinetd (Here). The other solution I thought would be iptables (FW_REDIRECT ??), but I have not tried that.
    I might try experimenting with a few ways, but let me know if you have it working..

  • How to generate web traffic report on SharePoint 2013?

    Hello All,
    I am working on Intranet in SharePoint 2013 On Premise.
    There are functionalities like Poll, Survey, Event, Announcements etc.
    Now there is a requirement to create web traffic report for all these functionality. How should I generate web traffic report for all these?
    Thanks in Advance.

    Hi Darsh,
    Here is the out of box analytic reports you can view.  Please refer to the following article.
    SharePoint 2013 Analytics A Big Step Backward
    New Analytics in SharePoint 2013
    Please mark it answered, if your problem resolved or helpful. 

  • How to monitor network traffic on an IP alias?

    Does anybody happen to know how I can monitor the traffic on an IP alias on say igb0:1 using iftop or something similar? iftop (pcap, I guess is the issue here) doesn't seem to cope with IP aliases.
    Cheers

    After fiddling around a bit with this issue I decided that it was time to embrace dladm/ipadm a bit more and exchange these old-style virtual NICs with new ones. So I dumped the old igbx:y VNICs and created new ones by issuing:
    dladm create-vnic -l igb0 vnic0
    followed by:
    ipadm create-ip; ipadm create-addr…
    Now, I can monitor these new vnics using iftop just fine.

  • Is there any way to log web traffic information of the users with RV082 router ?

    Dear all,
    I just bought a RV082 router. I can't find any way for logging the web traffic of the users.
    Can it be done with the router ?
    Thanks
    Fabio

    Hello,
    If I am not mistaken, the best you can do is to send syslog traffic to a server or locally (to a server being preferred).
    But you are going to see stuff like this:
    <30>Aug 3 22:12:40 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2101->212.5.219.46:80 on ppp0) [0,0]
    <30>Aug 3 22:12:40 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2102->81.0.235.240:80 on ppp0) [0,0]
    <30>Aug 3 22:12:40 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2103->81.0.235.251:80 on ppp0) [0,0]
    <30>Aug 3 22:12:41 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2104->212.5.219.46:80 on ppp0) [0,0]
    <30>Aug 3 22:12:41 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2105->81.0.235.250:80 on ppp0) [0,0]
    <30>Aug 3 22:12:41 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2106->212.5.219.46:80 on ppp0) [0,0]
    You will need an external device to make this happen. Having a proxy server such as Squid would do it for you, and not just that but will optimize the network :)
    Regards,
    Jcarvaja
    CCIE 42930
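To show what can be extracted from firewall syslog lines like those quoted in the reply above, here is an added example (not part of the original thread) that parses them and counts outbound connections per client. The field names are this example's own; the lines carry only addresses and ports, so the report identifies destinations by IP, not by site name or URL.

```python
"""Summarise outbound connections from RV082-style firewall syslog lines."""
import re
from collections import Counter, defaultdict
from datetime import datetime

# Sample lines as quoted in the reply above.
SAMPLE_LOG = """\
<30>Aug 3 22:12:40 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2101->212.5.219.46:80 on ppp0) [0,0]
<30>Aug 3 22:12:40 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2102->81.0.235.240:80 on ppp0) [0,0]
<30>Aug 3 22:12:40 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2103->81.0.235.251:80 on ppp0) [0,0]
<30>Aug 3 22:12:41 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2104->212.5.219.46:80 on ppp0) [0,0]
<30>Aug 3 22:12:41 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2105->81.0.235.250:80 on ppp0) [0,0]
<30>Aug 3 22:12:41 2005 gw RGFW-OUT: ACCEPT (TCP 192.168.1.111:2106->212.5.219.46:80 on ppp0) [0,0]
"""

LINE_RE = re.compile(
    r"^<(?P<pri>\d+)>"
    r"(?P<ts>\w{3}\s+\d{1,2}\s+\d\d:\d\d:\d\d\s+\d{4})\s+(?P<host>\S+)\s+"
    r"(?P<tag>[\w-]+):\s+(?P<action>\w+)\s+"
    r"\((?P<proto>\w+)\s+(?P<src>[\d.]+):(?P<sport>\d+)->"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+on\s+(?P<iface>\S+)\)"
)


def parse_line(line):
    """Return the fields of one firewall line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    pri = int(m["pri"])  # syslog PRI = facility * 8 + severity
    return {
        "facility": pri >> 3,
        "severity": pri & 7,
        "time": datetime.strptime(m["ts"], "%b %d %H:%M:%S %Y"),
        "action": m["action"],
        "proto": m["proto"],
        "src": m["src"],
        "dst": m["dst"],
        "dport": int(m["dport"]),
        "iface": m["iface"],
    }


def connections_by_client(log_text):
    """Map each internal source IP to a Counter of (dst IP, dst port)."""
    conns = defaultdict(Counter)
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None or entry["action"] != "ACCEPT":
            continue  # skip unrelated syslog lines and blocked attempts
        conns[entry["src"]][(entry["dst"], entry["dport"])] += 1
    return dict(conns)


if __name__ == "__main__":
    for client, dests in connections_by_client(SAMPLE_LOG).items():
        for (dst, port), hits in dests.most_common():
            print(f"{client} -> {dst}:{port}  {hits} connection(s)")
```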

  • Is there any way to monitor network traffic on the newer Time Capsules, similar to the SNMP monitoring previously?

    Is there any way to monitor network traffic on the newer Time Capsules, similar to the SNMP monitoring previously?

    Can I use a real router and still have the Time Capsule for backups etc?
    Yes, that is what Bridge Mode is for.  Just connect the Time Capsule to a LAN <--> Ethernet port on your "main" router.

  • Is there any source code that can produce a web traffic analysis?

    I want to get the source code to produce a web traffic analysis report. For example, I input a Tomcat access_log, and it analyzes this log file and then outputs the analysis result in HTML file format.
    I have already found source code for parsing IE's log file, but I can't find source code to parse Tomcat's access_log file.
    Does anybody know where I can download this source code? Thanks a lot!

    I also want to know how to do this........

  • Need Help on Configuring the Site to Site VPN from Cisco 2811 to Websense Cloud for web Traffic redirect

    Hi All,
    I need help on Configuring the Site to Site VPN from Cisco 2811 to Websense Cloud for web Traffic redirect
    2811 having C2800NM-ADVIPSERVICESK9-M
    2811 router connects to the Internet SW then connects to the Internet router.
    Note- For Authentication am using the Device ID & Pre share key. I am worried as all user traffic goes with PAT and not firing up my tunnel for port 80 traffic. Can you please suggest what can be the issue ?
    Below is router config for VPN & NAT
    crypto keyring ISR_Keyring
      pre-shared-key hostname vpn.websense.net key 2c22524d554556442d222d565f545246
    crypto isakmp policy 1
    encr 3des
    authentication pre-share
    group 2
    crypto isakmp keepalive 10
    crypto isakmp profile isa-profile
       keyring ISR_Keyring
       self-identity user-fqdn [email protected]
       match identity user vpn-proxy.websense.net
    crypto ipsec transform-set ESP-NULL-SHA esp-null esp-sha-hmac
    crypto map GUEST_WEB_FILTER 10 ipsec-isakmp
    set peer vpn.websense.net dynamic
    set transform-set ESP-NULL-SHA
    set isakmp-profile isa-profile
    match address 101
    interface FastEthernet0/1
    description connected to Internet
    ip address 216.222.208.101 255.255.255.128
    ip access-group HVAC_Public in
    ip nat outside
    ip virtual-reassembly
    duplex full
    speed 100
    no cdp enable
    crypto map GUEST_WEB_FILTER
    access-list 101 permit tcp 192.168.8.0 0.0.3.255 any eq www
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.187 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.181 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 host 85.115.41.182 log
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 86.111.216.0 0.0.1.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 116.50.56.0 0.0.7.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 86.111.220.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 103.1.196.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 177.39.96.0 0.0.3.255
    access-list 103 deny   ip 192.168.8.0 0.0.3.255 196.216.238.0 0.0.1.255
    access-list 103 permit ip 192.168.8.0 0.0.3.255 any
    ip nat pool mypool 216.222.208.101 216.222.208.101 netmask 255.255.255.128
    ip nat inside source list 103 interface FastEthernet0/1 overload
    ip nat inside source route-map nonat pool mypool overload

    How does Websense expect your source IPs in the tunnel? 192.168.8.0 0.0.3.255 or PAT'ed 216.222.208.101 ?
    Check
    show crypto isakmp sa
    show crypto ipsec sa
    show crypto session
    You'd better remove the preshared key from your post.

  • Redirecting web traffic

    Is there an easy way to redirect "some" web traffic using combo of ACL, Route-maps, Nat etc.
    I need some users to access a specific page but want the remainder of users to go to a different page.
    Thanks

    I fixed the Apache Server not starting up issue-It was an issue with the configuration.
    Still need some advice on the redirect.
    Thanks!
    Tyler
