Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Traffic for every IP-Adress

Status
Not open for further replies.
lsicforum

lsicforum

IS-IT--Management
May 20, 2003
5
0
0
DE
Hello all,

We have PIX515 (Software 6.1(3)) with one inside und one outside interfaces. We use NAT. That is our inside network 192.168.0.0 (255.255.255.0) uses one outside ip-adress for example 200.100.100.150.

so i have follow question:

is it possible to show or to control how much traffic does every inside client through PIX for one month? I have found only "show traffic", bur it shows the traffic for all since newstart.

Thank you in advance!
 
Sort by date Sort by votes
I think you'll need to enable syslog and use a thrid party
log monitor/analysis proggie.

I use Insideout - - it's
nice and does the job but a little pricey

Also Kiwi syslog talks Cisco as well - it's cheaper -
gives you text output and you parse it as required with
excel or access -

"If you lived here, you'd be home by now!"

George Carlin
 
Upvote 0 Downvote
haknwak,

Thank you!

I hoped pix can show this info oneself, but it doesn't seem to be so. OK, I installed KiWiSysLog. What I need now the logging level right to set up. Does anybody know what logging level I need for the traffic info?

 
Upvote 0 Downvote
I log informational (I think it's level 6) - and, depending on your activity level, the files will grow quite large. Make sure you tell Kiwi to create a new file daily if it's busy so you can back up and manipulate them more easily.

"If you lived here, you'd be home by now!"

George Carlin
 
Upvote 0 Downvote
Syslog everything... set level seven... send it to a syslog server (Kiwi makes the Win standard)... and then you will have to use grep to find all the connections for each internal IP...

You end up with messages for the begining of each connection, the teardown of each connection and IP addresses and ports (and bytes transfered and time connected for TCP connections)...

all kinds of cool information but a fair amount of work to extract and present in a meaningful manner...

My tools are grep, perl, excel and sometimes access as a database... the combination (with some work) makes great prestnations to management...

Good luck,
Bill..

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
146
Sameer258
Sameer258
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
124
XLNTech1
XLNTech1
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
146
Johnkite
Johnkite
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
61
Russtoleum
Russtoleum
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
175
Shmid
Shmid

Part and Inventory Search

Sponsor

Back
Top