You can run this command quickly to get some output:
$> acat -w1 -e "request_command GET" | egrep "srcip|url" | less
That'll give you the srcip and the site they made a GET request to. If you want the time too add '|Apr' to the egrep switches let's say (so it'll print the first line too).
You can use -c with egrep to get a count. You can use 'uniq' to see only unique URLs.
As for a report, you might be able to see this with a 'cf reports' command.
This command will show you destination IPs along with the service name, total kilobytes, and total connections to that IP:
$> cf reports run_report report_name=traffic
This will only work if you have already turned on the auditsql and auditdbd daemons:
$> cf server status auditsql
-- To check
$> cf daemond enable agent=auditsql
$> cf daemond enable agent=auditdbd
-- To enable them
You can make your own reports also. Read the 'man cf_reports' manual page to learn how to use the command. It's...a very complicated command.
Ok, here's a report you can run that will show you this for each IP you specify:
$> cf reports run_report report_name=host_activity template_value=10.10.1.1
This will show you all the IPs that 10.10.1.1 went to, with which Service, how many times, and how many bytes transferred both ways.
You'll have to specify each IP you want to look at as the template_value there.