I am working on a RouterOS scripting project where I want to monitor and log outbound HTTPS traffic to browser based media retrieval tools like Snapinsta on a small office network. The goal is to track how often staff retrieve Instagram media files for legitimate marketing work without broadly restricting social media access for all users. My current approach uses a RouterOS firewall rule with a logging action on outbound port 443 traffic matching specific domain patterns but I am struggling with the pattern matching syntax in RouterOS to correctly identify traffic to specific web tool domains without accidentally catching unrelated HTTPS traffic. Has anyone implemented a similar domain specific traffic logging setup in RouterOS scripting and found a reliable way to handle HTTPS domain matching without deep packet inspection.
You're trying to implement a poorly thought-out feature on a device that isn't fit for purpose.