Hi everyone . My boss want me to give the report of the top 10 websites usage by employees. I'm thinking of using Wireshark to capture the Http request and store into a database for statistics. Please help ? Regards Henry asked 01 Jul '13, 19:16  Quốc Huỳnh Trấn |
One Answer:
Wireshark is a network troubleshooting tool. As such, it is very useful to analyze network and/or application (performance) problems. It also provides some kind of statistics, however not those you are asking for. You can create that kind of statistics, however Wireshark will only give you the URLs and the IP addresses (not any employee accounts/names). You will then need a tool to build your statistics, usually a small script (Perl, Python, Poweshell). Furthermore Wireshark is not meant to be running for a long time (hours, days, weeks) as it will build internal data structure and continuously consume RAM until the system runs out of memory, which is usually not a problem for network troubleshooting, but it is a problem for long-term monitoring solutions. So, Wireshark is probably not the right tool for you. If you use a HTTP proxy in your company, you will get those stats for "free", as the most proxies (commercial and open source) will provide all kind of "Top xxx stats". Also, if you enable authentication on the proxy, you will see the requests by user name/account and not just be IP address. IP address can change, think of DHCP or manual changes by a user to hide his/her tracks. Regards answered 01 Jul '13, 21:27  Kurt Knochner ♦ |
