we use Mikrotik at our ISP
I want to use a LOG -server to track the Internet Connections of all users.This option is requested from Prosecutor Office
The users use NAT to reach the Internet .
Which is the best mode to implement this option :NETFlow or NAT Table connections export ?
Regards
Ilir
do you wann log report of your customers .??? If yes than you can use remote logging option and enable web proxy than and regards
please give karma if i solve your problem
I don’t want to use Proxy Server .
I have tested the Ip-flow option but there is not information that I Need.
The best way is export of NAT-connection TABLE every 20 minutes to a external Server ,but the export file contain only a part of this Table .
From ,mikrotik Support have confirmed that is not possible to see all the entries of the NAT-connections table ???!!!
Regards
Ilir
with traffic flow you get all the informations you need to track connections of your customer.
You need to capture those flows with some netflow aware software.
I have tried different Netflow collectors software .
For my needs ,the Manageengine Netflow is the best ( IL MIGLIORE 
) .This software give different type of reports of the traffic
Regards
Ilir
I feel comfortable with flow-tools (deb package of ubuntu). It has mysql support so you can store the informations you need for future parsing. A simple php page with some select queries helps. Be careful when using the mysql support, if you store too much informations your database might collapse (Le prime volte ho avuto un DB di 150GB pieno). Collect only useful infos (src-address src-port -dst-address- dst-port time duration)
With a DB join you can link this data to the user, making the search easier.
Don’t forget to use a radius anyway, you still need to log the connections to the user (UserManager is more than enough for this purpose)
I don’t know if there is some software which does this already.
I do not see why some external application should do that functionality for the MT device. Connection tracking should have an logging option and that output should be possible to send to the syslog or what not.
It doesnt look like standard logging will output what you are looking for there is a firewall logging option, but it doesnt include the connection tracker it seems.
The mikrotik can export the raw data you need via netflow or accounting, but you need another box to organise all the data for you. Just install either manage-engine netflow analizer on your log server (the freeware will be fine if you only need to moniter 1 router) or install mikrotiks traffic counter and use accounting.