Turn on *NETSCK in your security auditing and you will get entried that look like this in the audit journal.
A172.24.1.46 8015 172.24.1.36 43342
I don't have a regular webpage running on that box, but 8015 is CGIWRKDBF running on apache.
On Wed, 2020-04-22 at 17:16 +0000, Justin Taylor wrote:
The IP would be sufficient.
Thanks
-----Original Message-----
From: Kevin Bucknum [mailto:
<mailto:Kevin@xxxxxxxxxxxxxxxxxxx>
Kevin@xxxxxxxxxxxxxxxxxxx
]
Sent: Wednesday, April 22, 2020 8:31 AM
To:
<mailto:web400@xxxxxxxxxxxxxxxxxx>
web400@xxxxxxxxxxxxxxxxxx
Subject: Re: [WEB400] Identify http:// connections
What is your definition of a client. Do you just IP addresses of who connects? Do you need the url they are connecting to? Do you need their auth name/info if used?
On Wed, 2020-04-22 at 12:51 +0000, Justin Taylor wrote:
I'd prefer something server-wide rather than having to check in each program, but I have to work with what I can.
Thanks
[
https://www.medtronsoftware.com/img/MedtronMinilogo.bmp] Kevin Bucknum
Senior Programmer Analyst
MEDDATA / MEDTRON
120 Innwood Drive
Covington LA 70433
Local: 985-893-2550
Toll Free: 877-893-2550
https://www.medtronsoftware.com
CONFIDENTIALITY NOTICE
This document and any accompanying this email transmission contain confidential information, belonging to the sender that is legally privileged. This information is intended only for the use of the individual or entity named above. The authorized recipient of this information is prohibited from disclosing this information to any other party and is required to destroy the information after its stated need has been fulfilled. If you are not the intended recipient, or the employee of agent responsible to deliver it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or action taken in reliance on the contents of these documents is STRICTLY PROHIBITED. If you have received this email in error, please notify the sender immediately to arrange for return or destruction of these documents.
midrange.com
