Community discussions

 
ilirnako
just joined
Topic Author
Posts: 17
Joined: Thu Jan 14, 2010 3:57 pm

The best mode to Log ang track the internet connections

Mon Jul 18, 2011 2:31 pm

we use Mikrotik at our ISP
I want to use a LOG -server to track the Internet Connections of all users.This option is requested from Prosecutor Office
The users use NAT to reach the Internet .

Which is the best mode to implement this option :NETFlow or NAT Table connections export ?

Regards
Ilir
 
imrankosi
Member Candidate
Member Candidate
Posts: 153
Joined: Wed Oct 15, 2008 4:51 pm

Re: The best mode to Log ang track the internet connections

Mon Jul 18, 2011 6:12 pm

we use Mikrotik at our ISP
I want to use a LOG -server to track the Internet Connections of all users.This option is requested from Prosecutor Office
The users use NAT to reach the Internet .

Which is the best mode to implement this option :NETFlow or NAT Table connections export ?

Regards
Ilir
do you wann log report of your customers .????????????? If yes than you can use remote logging option and enable web proxy than and regards


please give karma if i solve your problem
 
ilirnako
just joined
Topic Author
Posts: 17
Joined: Thu Jan 14, 2010 3:57 pm

Re: The best mode to Log ang track the internet connections

Tue Jul 19, 2011 2:38 pm

I don't want to use Proxy Server .
I have tested the Ip-flow option but there is not information that I Need.

The best way is export of NAT-connection TABLE every 20 minutes to a external Server ,but the export file contain only a part of this Table .

From ,mikrotik Support have confirmed that is not possible to see all the entries of the NAT-connections table ???!!!


Regards
Ilir
 
Muqatil
Trainer
Trainer
Posts: 574
Joined: Mon Mar 03, 2008 1:03 pm
Location: London - UK
Contact:

Re: The best mode to Log ang track the internet connections

Wed Jul 20, 2011 12:03 am

with traffic flow you get all the informations you need to track connections of your customer.
You need to capture those flows with some netflow aware software.
Renato Bernardi

skype: medtech5
 
ilirnako
just joined
Topic Author
Posts: 17
Joined: Thu Jan 14, 2010 3:57 pm

Re: The best mode to Log ang track the internet connections

Wed Jul 20, 2011 10:33 am

I have tried different Netflow collectors software .
For my needs ,the Manageengine Netflow is the best ( IL MIGLIORE :) ) .This software give different type of reports of the traffic

Regards

Ilir
 
Muqatil
Trainer
Trainer
Posts: 574
Joined: Mon Mar 03, 2008 1:03 pm
Location: London - UK
Contact:

Re: The best mode to Log ang track the internet connections

Wed Jul 20, 2011 8:33 pm

I feel comfortable with flow-tools (deb package of ubuntu). It has mysql support so you can store the informations you need for future parsing. A simple php page with some select queries helps. Be careful when using the mysql support, if you store too much informations your database might collapse (Le prime volte ho avuto un DB di 150GB pieno). Collect only useful infos (src-address src-port -dst-address- dst-port time duration)
With a DB join you can link this data to the user, making the search easier.
Don't forget to use a radius anyway, you still need to log the connections to the user (UserManager is more than enough for this purpose)
I don't know if there is some software which does this already.
Renato Bernardi

skype: medtech5
 
Ivoshiee
Member
Member
Posts: 471
Joined: Sat May 06, 2006 4:11 pm

Re: The best mode to Log ang track the internet connections

Thu Mar 14, 2013 9:16 pm

I do not see why some external application should do that functionality for the MT device. Connection tracking should have an logging option and that output should be possible to send to the syslog or what not.
 
derr12
Member
Member
Posts: 411
Joined: Fri May 01, 2009 11:32 pm

Re: The best mode to Log ang track the internet connections

Fri Mar 15, 2013 8:57 pm

It doesnt look like standard logging will output what you are looking for there is a firewall logging option, but it doesnt include the connection tracker it seems.

The mikrotik can export the raw data you need via netflow or accounting, but you need another box to organise all the data for you. Just install either manage-engine netflow analizer on your log server (the freeware will be fine if you only need to moniter 1 router) or install mikrotiks traffic counter and use accounting.

Who is online

Users browsing this forum: No registered users and 16 guests