Is there a configuration or system that works well with the MikroTik hotspot setup to help generate a report of what sites users visit on the hotspot system?
Thanks,
If you want to keep a log of what URLs are being requested by guest, setup a squid proxy and force them to use it with a NAT rule, or parent proxy inside of the MikroTik. It will only work for HTTP though, as you cannot transparently redirect HTTPS. If you needed HTTPS requests as well you need to have them configure a system proxy for internet access.
The other option is to use Netflows/Traffic flow to gather data, but you only get IP addresses requested, not URLs.
I have a question about what you have just explain NetFlow
from what I understand I can use this to get information which websites (only IP ) the unit go to…
meaning what IP the user work on ? this is correct , right ?
can I get this information without external program ? just to get “log” on the router itself?
or I need to run a program that collect the information on external device (PC )?
Thanks ,
Netflows uses a collector server to gather all of the information into one place and process it. So you would need to setup a server somewhere that the the exporter (your router) would send the information to. You can then log into the collector and see the connections that have gone over the router. There are a few free collectors out there, and there are plenty of paid for collectors. NTop and NFSen are some of the free ones.
Yes you would be able to see what IP addresses that a given private IP address has been talking to, what ports they have used, and the amount of data and packets passed between them. Knowing the standard ports for different services you can get an idea of what a given user is doing.
And then you can use the CALEA package with sniff and dump it in wireshark format…
o.k. , I will connect the router to my server and try this option
can you recommend a free easy to use Netflows program?
Thanks ,
NTop is the easiest to install but is a bit of a pain to get it to collect netflows. NFSen is designed to be a netflows collector, and would probably be the better choice of the two.
can you recommend a software that run on windows and not linux ?
I have download SolarWinds-RealtimeNetFlowAnalyzer
I’m trying to connect to my router , without any success
I have done this
/ip traffic-flow print
enabled: yes
interfaces: all
cache-entries: 16k
active-flow-timeout: 30m
inactive-flow-timeout: 15s
do I need to config something in the target?
what else do I need to do ?
solarwinds.png
Thanks ,
NTop does work on Windows, but the Solar Winds should work as well, I just don’t think it is free past the trail period.
You are showing SNMP settings on the router, SNMP and Traffic flow are two separate things. After enabling traffic flow, you need to set a target. The Target is the IP and Port that it will be sending the netflows data to. You then need to configure your collector to be listening on that IP and Port for that specific location so it can place the information in the appropriate places.
maybe I have download the wrong software?
after installation this is the first page I get it doesn’t give any other setting
do you know this software? or another that run on windows ?(and working 
)
Thanks ,
You could also enable Accounting in the hotspot:
/ip accounting set enabled=yes threshold=8192
Made it avaible via http:
/ip accounting web-access accessible-via-web=yes
Then read the traffic log each fixed interval with:
http://routerIP/accounting/ip.cgi (Each read clean the log)
Now you can save, parse and store results in a db.
Details on http://wiki.mikrotik.com/wiki/Manual:IP/Accounting
bye
Thanks ,