I wrote an SNMP listener in Python
that updates a mysql table. I was using it primarily to log incoming
connection attempts (i.e. port scans) since my linksys should never have
inbound traffic for most of the common server ports. It?s somewhat like
a honeypot, but only able to log connection attempts. The Python code
could easily be modified to log all of the inbound connections and/or the
outbound connections. You could then use any favorite tool to query and
manipulate the db table.
Michael
Michael,
That sounds
like a great project. And it sounds like it is doing what you need done. I had
some success in logging to syslog (installed snmpd on my PC). I decided to
discontinue as my PC is low on resources (memory, processor speed, disk size)
- and logging was cutting into the main purpose of the PC.
I'll revisit
logging once I pick up a slightly beefier PC (or two).
Bruce