15th September 2008
Bruco
Fdisk Soldier
 
Join Date: May 2008
Location: Kalamazoo, MI, USA
Posts: 61
Suggestions for Web Traffic Logging?

What I'm looking to do is log HTTP traffic. Pretty simple stuff. I don't actually need blocking capabilities, just logging. This will be in a test environment (meaning my house) and later I might see about implementing it at a small branch at work.

At home I have a little Buffalo router running DD-WRT, and I think I can mirror traffic to a port on the router connected to a NIC on my FreeBSD box in promiscuous mode. Now, obviously from there I could run Wireshark with some filters on it and all that, but I want data that's pretty to look at with DNS resolved and all that if possible!

Alternatively, the DD-WRT software will use syslog to send data to the FreeBSD box (though I don't QUITE have it working yet) and if there was an app that would peel out just what I want from that, it would work too. And I'm not looking for much - source IP, destination IP (resolved if possible), port 80, 8080, 443, etc.

A full dump of network traffic would be fine too, if I have a way to filter it and can easily see just what I want. I suppose I'm looking for sort of an open source Websense - but like I said, I don't need blocking capabilities.

Any suggestions?

Thanks.
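An added example, not part of the original post: a small Python filter for the syslog route described above, which keeps only TCP connections to ports 80, 8080 and 443 and reports source IP, destination IP and a reverse-DNS name. It assumes the router forwards netfilter LOG-style lines carrying `SRC=`, `DST=`, `PROTO=` and `DPT=` fields; the sample lines are constructed and the function names are illustrative.

```python
import re
import socket
from collections import Counter

WEB_PORTS = {80, 8080, 443}
# KEY=value pairs as written by the netfilter LOG target (assumed log format)
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")

# Constructed sample lines using documentation address ranges, not real router output.
SAMPLE_LOG = """\
Sep 15 20:01:12 router kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.23 DST=198.51.100.7 LEN=60 TTL=63 PROTO=TCP SPT=51514 DPT=80 SYN
Sep 15 20:01:13 router kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.23 DST=203.0.113.9 LEN=60 TTL=63 PROTO=TCP SPT=51520 DPT=443 SYN
Sep 15 20:01:14 router kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.40 DST=203.0.113.53 LEN=71 TTL=63 PROTO=UDP SPT=40000 DPT=53
Sep 15 20:01:15 router kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.40 DST=198.51.100.7 LEN=60 TTL=63 PROTO=TCP SPT=40211 DPT=8080 SYN
Sep 15 20:01:16 router kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.23 DST=198.51.100.7 LEN=60 TTL=63 PROTO=TCP SPT=51533 DPT=80 SYN
Sep 15 20:01:17 router dnsmasq[212]: query[A] example.org from 192.168.1.23
"""

def parse_line(line):
    """Return (src, dst, dport) for a TCP connection to a web port, else None."""
    f = dict(FIELD_RE.findall(line))
    if f.get("PROTO") != "TCP" or not f.get("DPT", "").isdigit():
        return None
    if "SRC" not in f or "DST" not in f:
        return None
    port = int(f["DPT"])
    return (f["SRC"], f["DST"], port) if port in WEB_PORTS else None

def reverse_dns(ip):
    """PTR lookup; fall back to the bare IP when there is no record or no network."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return ip

def summarize(lines, resolve=reverse_dns):
    """Count web connections per (src, dst, port), resolving each destination once."""
    counts = Counter(filter(None, map(parse_line, lines)))
    names = {dst: resolve(dst) for dst in {key[1] for key in counts}}
    return [(src, dst, names[dst], port, n)
            for (src, dst, port), n in sorted(counts.items())]

if __name__ == "__main__":
    for src, dst, name, port, n in summarize(SAMPLE_LOG.splitlines()):
        print(f"{src:15} -> {name} ({dst}):{port}  x{n}")
```

A PTR name often identifies the hosting provider rather than the site visited, and for port 443 this layer shows only the destination address, so the output is a connection log rather than a list of URLs.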