Hi
Is there a simple way to log client protocol activity? Im currently using web proxy and remote syslog to log visited websites, but would like to expand this further to show a breakdown on protocol usage (smtp,pop,imap,iTunes etc) ?
Happy new year to all.
iTunes isn’t a protocol, and doesn’t use a special port. It would show up as regular http/80 (or https/443) traffic.
There are tons of syslog analzers, and syslog servers that filter. Look at kiwisyslog.
Thanks for the reply
Filtering is not a problem, we have rsyslog running - the question relates to how to actually get that port usage from the mikrotik into the syslog.
You may try packet sniffer