cancel
Showing results for 
Search instead for 
Did you mean: 
bjoernt
Level 9

How identify traffic from MWG?

Hi togehter,

one of our MWG´s produce a lot of traffic but we cant identify what the system do. Anyone knows how we can identify what the system do?

Here is a screen of the Proxy who produce the traffic:
Proxy-SB.JPG

The traffic seems not to be at all the time. Last night the traffic goes down but day before traffic continues. Problem exists since tuesday this week:

proxy-cacti-sb.JPG

Here ist the other one:

Proxy-RM.JPG

proxy-cacti-rm.JPG

We took a look in the traces via Wireshark and have seen traffic from Web Gateway with a big download but the stream is crypted.

We think its the Filesystem usage and will make a Ticket:

2016-05-19 16_52_52-Proxy - Nachricht (HTML).jpg

BR

Bjoern

0 Kudos
2 Replies
mikrotik
Level 10

Re: How identify traffic from MWG?

Greetings!

Yes, please install McAfee Web Reporter then you can identify which computer/user account is responsible for it. All web traffic will be shown in reporter with great details of sites and bandwidth consumed.

Thank You!

0 Kudos
bjoernt
Level 9

Re: How identify traffic from MWG?

Thx. Without Web Reporter or CSR you can see that in the Feedback-File "running-mwg-core.txt" or command "/opt/mwg/bin/mwg-core -S connections". Command or Feedback-File must create at time when traffic is there.