Hi guys, I'm considering using IPAudit but I'm not sure if it will suit my needs, so I thought I would ask.
Basically I have a cisco ASA firewall ( with a cisco 2950 switch plugged into it and my lan plugged into the switch).
I need to monitor the amount of traffic over a period of time( say 1 month ) going between different source and destination IP and have that information written to a file somewhere( or emailed it doesn't matter).
basically I'm trying to implement some type of download quota's from internal hosts out to the internet.
I've stumbled upon IPAudit in my search.
I was thinking I could setup a SPAN port on the switch so that IPAudit box can be used to count traffic.
The main concern I have at the moment is the output of IPAudit doesn't seem to include dates.
Any help is very much appreciated.
Ipaudit writes the starting and ending date/time for every connection using the -T option (the similar -t option writes only times).
You might also want to consider including the date in the output file name using -o (using time strings such as %Y%m%d) and only writing the start end ending times. This will reduce the file size.
Ipaudit's -D option is useful, it will write a new output file at a regular time interval. If used in conjunction with the -o option and time strings, it ca
n write output files at regular intervals, named by the date and time.
Note that if you plan on using Ipaudit-Web, you cannot use the -T option above, as the Ipaudit-Web scripts will not know how to handle the output.
Log in to post a comment.