HSNM Forum

HSNM Forum
https://forum.hsnetworkmanager.com/

User traffic log

https://forum.hsnetworkmanager.com/viewtopic.php?f=9&t=4361

Page 1 of 1

User traffic log

Posted: 22 Mar 2019, 08:49
by infosey
Hi!
What kind of information can I see in the "User traffic log" option? Can I see web sites where users are surfing?
What do I need to configure it? I get empty files.

Re: User traffic log

Posted: 22 Mar 2019, 09:21
by HSNMSupport
Hi Infosey
No, unfortunalty it is not possible to see the site visited byt the end user but only the source/destination IP address, source/destination port, protocol, etc. Below you can find an example of the "users traffic LOG" file:

"2018-10-31T07:37:33.469958+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smart: Smartl: dhcp host 3C:05:18:E2:39:27/192.168.27.237 added, ip 192.168.27.237"
"2018-10-31T07:54:17.460367+01:00","nb1-158.static.cytanet.com.cy","hotspot,info,debug"," Smartline: HGDJYT@Smart (192.168.27.237): trying to log in by http-chap"
"2018-10-31T07:54:17.460367+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): local user not found"
"2018-10-31T07:54:17.460763+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): sending RADIUS authentication request"
"2018-10-31T07:54:17.947023+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): Access-Accept from RADIUS"
"2018-10-31T07:54:17.947023+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): using profile <default>"
"2018-10-31T07:54:17.947046+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): interim-update <300> from RADIUS"
"2018-10-31T07:54:17.947046+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): rate limit <5000000/20000000> from RADIUS"
"2018-10-31T07:54:17.947050+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): session timeout <652800> from RADIUS"
"2018-10-31T07:54:17.947050+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): idle timeout <86400> from RADIUS"
"2018-10-31T07:54:17.947053+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): adding ip->user binding"
"2018-10-31T07:54:17.947053+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): adding queue <5000000/20000000>"
"2018-10-31T07:54:17.947056+01:00","nb1-158.static.cytanet.com.cy","hotspot,account,info,debug"," Smartline: HGDJYT@Smart (192.168.27.237): logged in"
"2018-10-31T07:54:17.947056+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): sending RADIUS accounting Start request"
"2018-10-31T07:54:17.981267+01:00","nb1-158.static.cytanet.com.cy","hotspot,debug"," Smartline: HGDJYT@Smart (192.168.27.237): RADIUS accounting request sent"
"2018-10-31T07:54:20.554375+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 3c:05:18:e2:39:27, proto TCP (SYN), 192.168.27.237:38549->89.46.107.250:443, len 60"
"2018-10-31T07:54:20.554375+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 3c:05:18:e2:39:27, proto TCP (SYN), 192.168.27.237:55871->74.125.232.165:80, len 60"
"2018-10-31T07:54:20.554788+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 3c:05:18:e2:39:27, proto TCP (SYN), 192.168.27.237:38548->89.46.107.250:443, NAT (192.168.27.237:38548->212.31.98.158:38548)->89.46.107.250:443, len 60"
"2018-10-31T07:54:20.555183+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 34:ab:37:e2:99:97, proto TCP (SYN), 192.168.27.74:56514->23.50.180.89:443, len 64"
"2018-10-31T07:54:20.992662+01:00","nb1-158.static.cytanet.com.cy","firewall,info"," Smartline: Smartline forward: in:hs-bridge out:ether1, src-mac 3c:05:18:e2:39:27, proto TCP (SYN), 192.168.27.237:35247->104.25.177.18:80, len 60"

If your file is empty could be due by:

1) You have enable the "IP filter" under "System settings". In this case only the ip address define on GW's "Internet connection IP address or DyndDNS name" can send syslog
SyslogIPFilter.jpg
GWInterneConnIP.jpg
2) You don't enable "Active LOGS" on the GW
GWEnableLOG.jpg
3) You have the port 1514 closed on your firewall

For further information please read the HSNM Administration Manual

Best regards
SyslogIPFilter.jpg

Re: User traffic log

Posted: 26 Mar 2019, 09:30
by infosey
I checked all of that and everything is OK and I get blank log files. I am using Ruckus virtual SmartZone.

Re: User traffic log

Posted: 26 Mar 2019, 11:23
by HSNMSupport
Hi Infosey,

that's the problem, you are using Ruckus device. I'm sorry but users' traffic logs are available only if you use a Mikrotik Gateway.

Best Regards.

Re: User traffic log

Posted: 26 Mar 2019, 18:31
by infosey
Oh, what a pity! Thanks for your help.
All times are UTC+01:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/