cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ade36
Level 7
Report Inappropriate Content
Message 1 of 4

Find out which pac files are currently being used

Jump to solution
We have several PAC files . I am trying to see how i can figure out which PAC files are still being used or not. Is there a way to know or a log to check to find out?
1 Solution

Accepted Solutions
fw_mon
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 4

Re: Find out which pac files are currently being used

Jump to solution

There is another option which is much easier if you need a temporary solution only: capture network traffic on the port 4713, filter the proxy.pac requests and write them into a file. The second command sorts the requests and outputs a statistics that you requested:

 

 

tcpdump -pnns0 -i any port 4713 -c 100000 -A | grep "GET http://" > /tmp/proxy.txt

perl -ne 'if(/GET (.*) HTTP/){print "$1\n"}' /tmp/proxy.txt | sort | uniq -c | sort -nr

 

 

 

 

 

Good luck!

View solution in original post

3 Replies
fw_mon
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 4

Re: Find out which pac files are currently being used

Jump to solution

hello @ade36 ,

do you host your proxy.pac files on MWG and serve them using File Server? There are several methods to do this (consult https://community.mcafee.com/t5/Documents/Web-Gateway-Hosting-the-proxy-pac-wpad-dat/ta-p/554253 for more information):

if you serves them directly using port 4713/4714 then you have to modify tomcat logging configuration. The disadvantage of this method is that your settings will be overwritten next time when tomcat get updated

if you using port redirect then you can enable port forwarding logging

if you using Next Hop Proxy mehtod, then all proxy.pac requests are already logged in access.log. You can create a separate access.log for proxy.pac only or use linux command line to filter such requests, cut the name of the proxy.pac file, then apply sort/uniq to see the number of requests to each file.

Describe how you've configured proxy.pac hosting so I can provide exact steps.

ade36
Level 7
Report Inappropriate Content
Message 3 of 4

Re: Find out which pac files are currently being used

Jump to solution

thanks . We are using 4713 to serve pac files.

I just need a temporary solution to see which pac files has been accessed .

Do you know what necessary tomcat configuration is needed? or a guide you can show me?

fw_mon
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 4

Re: Find out which pac files are currently being used

Jump to solution

There is another option which is much easier if you need a temporary solution only: capture network traffic on the port 4713, filter the proxy.pac requests and write them into a file. The second command sorts the requests and outputs a statistics that you requested:

 

 

tcpdump -pnns0 -i any port 4713 -c 100000 -A | grep "GET http://" > /tmp/proxy.txt

perl -ne 'if(/GET (.*) HTTP/){print "$1\n"}' /tmp/proxy.txt | sort | uniq -c | sort -nr

 

 

 

 

 

Good luck!

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community