Suggestions for Web Traffic Logging?
What I'm looking to do is log http traffic. Pretty simple stuff. I don't actually need blocking capabilities, just logging. This will be in a test environment (meaning my house) and later I might see about implementing it at a small branch at work.
At home I have a little Buffalo router running DD-WRT, and I think I can mirror traffic to a port on the router connected to a NIC on my FreeBSD box in promiscuous mode. Now, obviously from there I could run Wireshark with some filters on it and all that, but I want data that's pretty to look at with DNS resolved and all that if possible!
Alternatively, the DD-WRT software will use syslog to send data to the FreeBSD box (thought I don't QUITE have it working yet) and if there was an app that would peel out just what I want from that, it would work to. And I'm not looking for much - source IP, destination IP (resolved if possible), port 80, 8080, 443, etc.
A full dump of network traffic would be fine too, if I have a way to filter it and can easily see just what I want. I suppose I'm looking for sort of an open source Websense - but like I said, I don't need blocking capabilities.
Any suggestions?
Thanks.
|