Squidalyser is a squid traffic analyzer, designed to allow per-user scrutiny and analysis of squid logfiles.
Version: 0.2.55Squidalyser is a squid traffic analyzer, designed to allow per-user scrutiny and analysis of squid logfiles. The program allows a non-technical user to extract information about web usage patterns, the type of information downloaded, the sites visited by users, the graphics downloaded, and the amount of information (per-byte or per-file) accessed. The program runs from a Unix system via a web browser.
Operating System: Linux
Here are some key features of "Squidalyser":
· Graphs to show relative levels of net access. Find out who your most active users are, and how much information they have been downloading. High levels of activity might indicate over-use of the web, or that a user has "leant" his password to another user. In certain circumstances, over-activity might mean a system is running proxy software of its own, either with or without the owner's permission, or running a robot to search for mp3s or warez.
· Lower levels might mean someone is under-using the web, or is uncertain about the technology -- extra help required. Or perhaps they're just not doing the work.
· Clickable lists of pages visited. Scan through the 'audit trail' for a user or group of users, either to ensure they have not infringed your acceptable use policy, or to check they have visited a site they ought to have visited -- to complete a set task for a school project, for example.
· A briefer list of sites visited. Just the sites ma'am, not the full URLs, to provide a quicker overview of Internet usage.
· A list of blocked accesses. If you block accesses to certain sites, you might be interested in who has been trying to get around your censorware. A report showing blocked access per-user will help. In some circumstances, for example where you require your users at a school to complete tasks on the Internet, you will probably come across the excuse "I tried to get on the net yesterday afternoon, but it didn't work." Using this feature, you can find out if they actually tried and (if they did) what (if anything) stopped them getting anywhere.
· A page of images downloaded. Most pornography will (according to the true meaning of that word) be in graphical format. Since those images will already be in your squid cache, it takes little time to view all of them on a page, per user. Paging through such a list takes little time but is very effective at finding out what users have been looking at on the web.
· Scanning by user group. Create your own groups of users, corresponding to school classes or work-groups, and apply all the above report formats to those users.
· Scanning word-lists. Create a list of suspect words to match against web URLs. Combine these with user-groups for rapid scanning of large sections of your logfile.
What's New in This Release:
· Implemented a suggestion from Lombardo to store domain:user in the rfc931 database field, if using NTLM.
· Reinstated the patch to squidparse.pl which takes account of NTLM in the first place
· Added a new "include_domain" parameter in squidalyser.conf to make inclusion of the domain (in domain:user) format an option.