For local password protected or HTTPS IBays, you stand a slim chance (with a bit of programming) of being able to match Apaches access stats with the secure or smb logs.
The 'catch' for this kind of stuff is that normal web page access doesn't, by default, require (and thus transmit or log) user details.
If your users each have their own machine, and thus IP address, then all one needs to do it replace the IP in the apache access logs with the relevent username.
There are two issues with this approach that you may need to consider. The first is whether your users sometimes use eachothers machines, thus rendering the IP to User relationship assumption useless.
The second thing to factor in is the proxy server settings on each web client. If your web clients go through the proxy then the Apache logs will show the address of the proxy and not of the web clients. I'm sure with an extra bit of programming effort you could tie in the proxy log records to solve this dilema *but* would it be worth it?
If you're looking for a method of auditing (and/or billing based on it) then you'll need to dig a little deeper and go for a package that:
1) Confirms what user was residing at what IP address for what times.
2) Gathers the IP traffic info directly from the Linux networking stats
3) And then Marries the two together.
In short: If all you want is some rough stats on 'stationary' desktop users then it shouldn't be too hard to cobble something together. If on the other hand you're wanting something that contributes to a legally binding document (eg. Billing, Offical reprimand etc) then you'll need something a whole lot more sophisticated.
Regards,
Luke
1 Replies
380 Views