6.9. Traffic reports

Zorp can automatically create daily, weekly, and monthly statistics about the transmitted traffic, and send them to an administrator or auditor through e-mail. The reports are in Adobe Portable Document (PDF) format. Note that these reports do not provide detailed statistics about every host on your network, rather they can be used to identify the most active hosts ("top-talkers") and to examine trends and sudden changes in the statistics (outliers).

In general, every section of the report consists of a table that details the ten most active clients (for example, the ten clients who transferred the most data in a zone) and a pie chart that displays every client. Note that on the pie chart, only the clients responsible for at least ten percent of the total value are labeled, all other clients are aggregated under the Others label.

Note

Every Zorp host, and every node of a Zorp cluster creates and sends a separate report. Reporting options must be configured on every Zorp host separately.

The reports include the following information:

  • Network Traffic: It provides traffic statistics for the entire network.

  • Zone Traffic: It provides traffic statistics for every zone defined in Zorp. Note that this report can be long if there are many zones defined.

  • Mail Delivery Traffic: It provides statistics for the total transferred SMTP traffic, as well as for the most active accounts. Top senders and recipients are listed separately.

  • Spam and Virus Reports: It provides statistics about spam and infected e-mails.

  • Access Control Reports: It provides statistics about connection-attempts that were blocked by Zorp.

  • URL Reports: It provides a list of websites generating more than a set amount of traffic, and a list of their top visitors. By default, ULR Reports are not included in the regular reports, see Procedure 6.9.1, Configuring Zorp reporting for details on configuring them.

Warning

The reports are only sent to the e-mail address set in /etc/zorp/reports/options.conf, they are not stored locally on the Zorp host.

Tip

To generate reports manually for arbitrary time periods, use the report.py command-line tool. Run report.py without parameters to display the available options and parameters of the application.

Previous Up Next
 Home