Sign in
 
HomeLibraryWikiLearnGalleryDownloadsSupportForumsBlogs
Resources for IT Professionals >
Monitoring Internet usage

Unanswered Monitoring Internet usage

  • Tuesday, April 03, 2012 2:55 PM
     
     
    Sign In to Vote
    0

    Hi,

    I want to be able to monitor the internet usage of our LAN users.
    I really need a list of URLS visited by IP address (and how long for)

    Can I do this with NetMon? I have been giving it a go and I can't see a way of getting this data.

    I am sure the data is all there but I just can't get a way of reporting on it?

    I don't want to install a gateway or a proxy I was hoping to do it by packet sniffing (either by port mirroring the Internet port on the switch or using a hub between the switch and the internet router).

    Thanks

     

All Replies

  • Wednesday, April 04, 2012 2:40 PM
    Moderator
     
     
    Sign In to Vote
    0

    Hi m4rky,

    You could write an Expert to perform this sort of functionality using our API (find the SDK at http://nmexperts.codeplex.com/).  There are a few caveats though.

    Across a whole network, it may be a bit tricky to parser and filter all the data live.  However, if you use the 'Faster Parsing' set of parsers or set an OLP filter in our driver through the API, that may be able to mitigate some of those concerns.  If you still can't keep up.  You would want to think about a installing the program on each box on the network then and collecting logs during non-peak times.

    You could use a filter like "HTTP.Request && !SSDP && !UDP" to get rid of a lot of the other noise that travels on HTTP.  Then you can access the Http Uri Property in order to get the URL that was requested.  This would include the main page request and also any other misc files that were then fetched (such as scripts and images).

    You can then just tag this address with the IPv4(or Ipv6).SourceAddress field to find out who requested the page.

    As for your last question about how long each user is staying on a site, it's really impossible to tell.  Most webpages once the initial request is made, probably won't get more data.  If they do request new ads or things, you may see it.  But if it's a static webpage, they could be reading an article for hours and you'd have no way of knowing.  It would be hard to infer that the next request two hours later is from them being on the previous page for two hours or them doing something else.  Of course, if the interval is something shorter like a minute or two, you can infer that they were browsing between pages.

    Hope that helps get you started.  Please feel free to ask further questions about this scenario or using our API to accomplish it.  We're happy to offer guidance and would love to see an Expert like this if you're also willing (and able to) share the results.

    Thanks,

    Michael Hawker | Program Manager | Network Monitor

     
  • Thursday, April 05, 2012 7:28 AM
     
     
    Sign In to Vote
    0

    Thanks for the reply.

    I have downloaded the SDK and will take a look at it.
    Is there any problmes with using the SDK with VS 2010?? Or do I have to use VS 2008??

    Your hints on the filter sound great. Exactly what I am after.

    I understand about the length of time on a site being impossible to work out.
    I think the number and times of the HTTP Requests will suffice.

    Thanks


    • Edited by m4rky-psi Thursday, April 05, 2012 7:30 AM
    •  
     
  • Thursday, April 05, 2012 1:46 PM
    Owner
     
     
    Sign In to Vote
    0

    You can use VS2010 as well.  The instructions for VS2008 should work there.

    Paul