±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36738
New Yesterday: 0 Visitors: 123

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Analyzing Proxy Log Files

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
 
  

markfu14
Member
 

Analyzing Proxy Log Files

Post Posted: Mar 23, 06 02:38

Does anyone know of a decent, free tool that has the ability to analyze proxy log reports that are exported in .txt files? What I am looking for is some type of user-friendly tool that can parse .txt proxy log files and give me a rough idea of a particular user's internet activity during working hours. I don't want to do it manually!  
 
  

crosser
Senior Member
 

Re: Analyzing Proxy Log Files

Post Posted: Mar 23, 06 04:56

Markfu14,

I am often tasked with searching proxy logs and making them more "readable". In order to accomplish this, I typically use something called, "Cygwin". It's a command prompt app that is based on Linux, but made for Windows.
You can download it for free at Cygwin.com .

The catch with Cygwin is that you need to know how to use regular expressions. I'm sure that there are other apps that will give you easy-to-use graphical user interfaces, but Cygwin is a very robust tool, as long as you can understand some of the basic regular expressions. Here is a good website to introduce regular expressions if you are interested>>>> sitescooper.org/tao_regexps.html

Also, commands like "cut" and "grep" are very helpful for finding and extracting information like user id's, IP addresses, and search terms.

Good luck, and let me know if you need a hand.
-Crosser  
 
  

arashiryu
Senior Member
 

Re: Analyzing Proxy Log Files

Post Posted: Mar 23, 06 20:05

What proxy server are you running?  
 
  

richardhall
Newbie
 

Re: Analyzing Proxy Log Files

Post Posted: Mar 23, 06 22:33

If you email me with a sample file to work with and explain how you want the results I'll write and publish a small freeware Windows application for you. If there are variations in the different file formats send me a sample proxy log of each type with a way for me to identify which is which. Give me an idea of everything you'd like it to do and I'll probably throw in some extra cool stuff too.
_________________
Richard Hall BSc MBCS CNSP
www.linkedin.com/in/richardhall 
 

Page 1 of 1