User tracking Apache

Hey all. I am a Admin at a Hospital in NJ where we are being reviewed
for HIPPA compliance. HIPPA for those who do not know ... they are the
regulators of the Health Care industry. What I am looking for is a
easy way to track my users as far as what site's they are visiting and
keep either a database record or some type of log to review monthly. I
have looker at a couple different options but would like some outside
advice. This is a temporary thing. The system is Linux running
Apache+Tomcat. MySQL database and a host of other apps but you get the
jest. Please
if you have any experience in this or have implemented this tecnique
post your knowledge. Thanks all .

You need to force their surfing through a proxy server (e.g., Squid) which will log each request and allow you to restrict sites. This has absolutely nothing to do with your own web server (e.g., Apache).

Chris wrote:
> Hey all. I am a Admin at a Hospital in NJ where we are being reviewed
> for HIPPA compliance. HIPPA for those who do not know ... they are the
> regulators of the Health Care industry. What I am looking for is a
> easy way to track my users as far as what site's they are visiting and
> keep either a database record or some type of log to review monthly. I
> have looker at a couple different options but would like some outside
> advice. This is a temporary thing. The system is Linux running
> Apache+Tomcat. MySQL database and a host of other apps but you get the
> jest. Please
> if you have any experience in this or have implemented this tecnique
> post your knowledge. Thanks all .

Barry Simple <nospam@netnews.mchsi.com> wrote in message news:<rCe_a.130098$Ho3.15110@sccrnsc03>...
> You need to force their surfing through a proxy server (e.g., Squid) which will log each request and allow you to restrict sites. This has absolutely nothing to do with your own web server (e.g., Apache).
>
> Chris wrote:
> > Hey all. I am a Admin at a Hospital in NJ where we are being reviewed
> > for HIPPA compliance. HIPPA for those who do not know ... they are the
> > regulators of the Health Care industry. What I am looking for is a
> > easy way to track my users as far as what site's they are visiting and
> > keep either a database record or some type of log to review monthly. I
> > have looker at a couple different options but would like some outside
> > advice. This is a temporary thing. The system is Linux running
> > Apache+Tomcat. MySQL database and a host of other apps but you get the
> > jest. Please
> > if you have any experience in this or have implemented this tecnique
> > post your knowledge. Thanks all .

I have used Squid before and didn't really want to go the proxy way .
Snort has some nice features as far as creating your own rules
searching for keywords in packet headers but have not found a way to
integrate it into a custom database. Is there a squid interface to
MySQL ? Guess I should go and check myself HUH ?
Let me give you a example of what I really want to do though. If you
have ever used vpopmail you know that the MySQL Database it create's
keeps track of logging, overall users and authentication which also
tracks user, remote ip and timestamp. I want to do user, destination,
timestamp and maybe a couple other features. This really is not based
on apache that was just a title description. If anyone may know a good
place for me to look it would be greatly appreciated. Could try to
design this myself but I really do not have the time at my job.....
swamped...... Thanks again all.

You may be able to use piped logs and write something to put the data into
mysql.
http://httpd.apache.org/docs-2.0/logs.html

Jay


"Chris" <fersher@hotmail.com> wrote in message
news:1717582c.0308060625.2d5ff072@posting.google.c om...
> Hey all. I am a Admin at a Hospital in NJ where we are being reviewed
> for HIPPA compliance. HIPPA for those who do not know ... they are the
> regulators of the Health Care industry. What I am looking for is a
> easy way to track my users as far as what site's they are visiting and
> keep either a database record or some type of log to review monthly. I
> have looker at a couple different options but would like some outside
> advice. This is a temporary thing. The system is Linux running
> Apache+Tomcat. MySQL database and a host of other apps but you get the
> jest. Please
> if you have any experience in this or have implemented this tecnique
> post your knowledge. Thanks all .

Well,
a year or so back, I was warking on a company and I had a similar problem. I
installed Squid. Using iptables squid was working as a transparent proxy.
Then I installed a small log analyzer and I had the stats about users
activity. I also found a couple of small txt files wich was used as allowed
- not allowed addresses. That way users could not bypass the proxy and I
had a better balance of my INternet connection (eg a user was downloading
HUGE files. I couldn't find him until the log analyser.
Peter.