Timeline for log network activity in ubuntu server
Current License: CC BY-SA 3.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 26, 2013 at 21:37 | answer | added | slm♦ | timeline score: 3 | |
| Oct 26, 2013 at 18:11 | comment | added | Carles Sala |
I had a look at ntop and it looks as a good tool. However, few minutes after a connection is dropped it disappears from the list. Is there a way to get a historical report from it?
|
|
| Oct 26, 2013 at 16:24 | comment | added | Bratchley |
Have you looked into the LOG jump point in iptables? For example iptables -I INPUT -j LOG will syslog all inbound packets. You can use the normal criteria for limiting the packets that match the logging rule (for example only new TCP connections, etc). It won't be a report (hence a comment) but it will record this information.
|
|
| Oct 26, 2013 at 16:24 | comment | added | jordanm |
ntop or blanket log rules in iptables. Syslog can be configured to insert into databases.
|
|
| Oct 26, 2013 at 15:34 | history | asked | Carles Sala | CC BY-SA 3.0 |