User traffic log
HSNM administration backend general discussion

Rate this topic
   Post Reply
5 posts   •   Page 1 of 1
infosey
Posts: 157
Joined: 30 May 2018, 10:45

User traffic log

by infosey » 22 Mar 2019, 08:49

Hi!
What kind of information can I see in the "User traffic log" option? Can I see web sites where users are surfing?
What do I need to configure it? I get empty files.

HSNMSupport
Posts: 1553
Joined: 26 Jul 2016, 09:16

Re: User traffic log

by HSNMSupport » 22 Mar 2019, 09:21

Hi Infosey
No, unfortunalty it is not possible to see the site visited byt the end user but only the source/destination IP address, source/destination port, protocol, etc. Below you can find an example of the "users traffic LOG" file:

"2018-10-31T07:37:33.469958+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smart: Smartl: dhcp host 3C:05:18:E2:39:27/192.168.27.237 added, ip 192.168.27.237"
"2018-10-31T07:54:17.460367+01:00","nb1-158.static.cytanet.com.cy","hotspot,info,debug"," Smartline: HGDJYT@Smart (192.168.27.237): trying to log in by http-chap"
"2018-10-31T07:54:17.460367+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): local user not found"
"2018-10-31T07:54:17.460763+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): sending RADIUS authentication request"
"2018-10-31T07:54:17.947023+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): Access-Accept from RADIUS"
"2018-10-31T07:54:17.947023+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): using profile <default>"
"2018-10-31T07:54:17.947046+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): interim-update <300> from RADIUS"
"2018-10-31T07:54:17.947046+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): rate limit <5000000/20000000> from RADIUS"
"2018-10-31T07:54:17.947050+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): session timeout <652800> from RADIUS"
"2018-10-31T07:54:17.947050+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): idle timeout <86400> from RADIUS"
"2018-10-31T07:54:17.947053+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): adding ip->user binding"
"2018-10-31T07:54:17.947053+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): adding queue <5000000/20000000>"
"2018-10-31T07:54:17.947056+01:00","nb1-158.static.cytanet.com.cy","hotspot,account,info,debug"," Smartline: HGDJYT@Smart (192.168.27.237): logged in"
"2018-10-31T07:54:17.947056+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): sending RADIUS accounting Start request"
"2018-10-31T07:54:17.981267+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): RADIUS accounting request sent"
"2018-10-31T07:54:20.554375+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 3c:05:18:e2:39:27, proto TCP (SYN), 192.168.27.237:38549->89.46.107.250:443, len 60"
"2018-10-31T07:54:20.554375+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 3c:05:18:e2:39:27, proto TCP (SYN), 192.168.27.237:55871->74.125.232.165:80, len 60"
"2018-10-31T07:54:20.554788+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 3c:05:18:e2:39:27, proto TCP (SYN), 192.168.27.237:38548->89.46.107.250:443, NAT (192.168.27.237:38548->212.31.98.158:38548)->89.46.107.250:443, len 60"
"2018-10-31T07:54:20.555183+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 34:ab:37:e2:99:97, proto TCP (SYN), 192.168.27.74:56514->23.50.180.89:443, len 64"
"2018-10-31T07:54:20.992662+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 3c:05:18:e2:39:27, proto TCP (SYN), 192.168.27.237:35247->104.25.177.18:80, len 60"


If your file is empty could be due by:

1) You have enable the "IP filter" under "System settings". In this case only the ip address define on GW's "Internet connection IP address or DyndDNS name" can send syslog
SyslogIPFilter.jpg
GWInterneConnIP.jpg
2) You don't enable "Active LOGS" on the GW
GWEnableLOG.jpg
3) You have the port 1514 closed on your firewall

For further information please read the HSNM Administration Manual

Best regards
SyslogIPFilter.jpg
You do not have the required permissions to view the files attached to this post.

infosey
Posts: 157
Joined: 30 May 2018, 10:45

Re: User traffic log

by infosey » 26 Mar 2019, 09:30

I checked all of that and everything is OK and I get blank log files. I am using Ruckus virtual SmartZone.

HSNMSupport
Posts: 1553
Joined: 26 Jul 2016, 09:16

Re: User traffic log

by HSNMSupport » 26 Mar 2019, 11:23

Hi Infosey,

that's the problem, you are using Ruckus device. I'm sorry but users' traffic logs are available only if you use a Mikrotik Gateway.

Best Regards.

infosey
Posts: 157
Joined: 30 May 2018, 10:45

Re: User traffic log

by infosey » 26 Mar 2019, 18:31

Oh, what a pity! Thanks for your help.

Rate this topic

Who is online

Users browsing this forum: No registered users and 9 guests

It is currently 03 Dec 2024, 18:22