I would like to track all incoming traffic on an Ubuntu web server, first by the address they are requesting and their IP address.
Is there any way to do so?
Thanks,
Ray
This is a very open-ended question.
If you are interested in recording ALL traffic and saving it for future analysis, TCPDump is the way to go. File rotation and timestamps can be taken care of for you with the proper flags. http://www.tcpdump.org/
If you are looking for Source/Dest IP and port logging, NetFlow is more convenient as it takes fewer resources and disk space to manage. This can be accomplished through nProbe http://www.ntop.org/nProbe.html or nfcapd http://manpages.ubuntu.com/manpages/intrepid/man1/nfcapd.1.html
You can always capture IP/port information from your router/firewall. This is probably the easiest.
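As an added example (not part of the answer above), the tcpdump rotation flags it mentions and a flow-style source/destination summary of the captured text output can look like this. The interface name `eth0`, the directory `/var/log/pcap`, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original answer. Interface, output directory,
# function names and the sample packets below are constructed assumptions.

# Capture all traffic on an interface. -G 3600 starts a new file every hour,
# the strftime pattern in -w timestamps each file, and -W 24 stops tcpdump
# after 24 files. Needs root and a directory tcpdump can write to.
capture_rotating() {
    iface=${1:-eth0}
    outdir=${2:-/var/log/pcap}
    tcpdump -i "$iface" -nn -s 0 -G 3600 -W 24 \
        -w "$outdir/trace-%Y%m%d-%H%M%S.pcap"
}

# Read "tcpdump -nn" text lines on stdin and count new TCP connections
# (SYN without ACK) per source IP, destination IP and destination port.
# IPv4 only: "a.b.c.d.port" is split on dots, other lines are skipped.
summarize_syns() {
    awk '
    / Flags \[S\],/ {
        for (i = 1; i < NF; i++) if ($i == "IP") break
        if ($i != "IP") next
        src = $(i + 1); dst = $(i + 3); sub(/:$/, "", dst)
        if (split(src, s, ".") != 5 || split(dst, d, ".") != 5) next
        sip = s[1] "." s[2] "." s[3] "." s[4]
        dip = d[1] "." d[2] "." d[3] "." d[4]
        count[sip " " dip " " d[5]]++
    }
    END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# Constructed sample in the format printed by "tcpdump -nn -r FILE".
sample_lines() {
    cat <<'EOF'
12:00:01.000001 IP 203.0.113.5.51514 > 192.0.2.10.80: Flags [S], seq 1, win 64240, length 0
12:00:01.000050 IP 192.0.2.10.80 > 203.0.113.5.51514: Flags [S.], seq 9, ack 2, win 65160, length 0
12:00:01.000300 IP 203.0.113.5.51514 > 192.0.2.10.80: Flags [.], ack 10, win 502, length 0
12:00:02.100000 IP 203.0.113.5.51520 > 192.0.2.10.80: Flags [S], seq 5, win 64240, length 0
12:00:03.200000 IP 198.51.100.7.40022 > 192.0.2.10.443: Flags [S], seq 7, win 64240, length 0
EOF
}

# Columns printed: count, source IP, destination IP, destination port.
sample_lines | summarize_syns
```

On a real capture file, feed the summary with `tcpdump -nn -r FILE | summarize_syns`.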