Hi. Is possible to log specific http requests.

For example if people visit specific web pages (urls) and even submit some text data to them?

We do not want to deny that urls, but monitor what people are sending.

I imply http and not https...

THANKS

Not out of the box.

Maybe some third party tool will do this, however I doubt this as this is a nasty can of worms when it comes to privacy and integrity (on top of legal issues). If you want to pursue this avenue anyway I recommend that you have a look at the TMG SDK in order to implement a web filter that dumps what you need to a log file for certain web sites. For a reasonably skilled programmer it won't be that difficult.

Thanks on answer.

Do you know and third party tool which could do this request?

Some third party firewall which could solve this situation?

Thanks...

No I don't but I haven't looked in any detail for such an application.

Reason for this?

Same as stated in my first reply - you don't want to do this from an integrity, privacy and (possibly) legal perspective. You may have valid reasons I do not know about but in my neck of the woods this would be illegal as I interpret your initial post as this would be done without the user knowing about this.

Again, it is fairly straightforward to develop a web filter in TMG that would do this (see http://msdn.microsoft.com/en-us/library/ff827462(v=VS.85).aspx) but I seriously doubt you'll find a commercial application that would do this for you.

Maybe someone else knows.

Use Reports or do a Query directly on the TMG logs could basically display what user is visiting a specific website, and to some extent, you could see what they are posting i belive, depending on how the POST is done(ie if it's included in the URL), but i don't think you would achieve what you're looking for.

As Anders said, it's quite a mess on the legal front to inspect users traffic this closely without a reasonable cause.

Basically, TMG doesn't log all data that is sent, only information about the traffic source, destination, size, method and so on.

Ben wrote a post about the logs:

http://blogs.technet.com/b/ben/archive/2012/01/06/querying-the-tmg-log-directly.aspx

So a web filter or a second Proxy would probably be the only technical way to get that information. But the logs would be HUGE unless there is a feature to actually only log the data that is relevant (NSA style). =)

HTH

Patric

Hi

Based on my knowledge ,both ISA and TMG  are unable to monitor detailed behavior about web accessing. However, you may try to monitor the traffic by third-party software like GFI WebMonitor.

You can refer to the link below in according to your requirement:

http://www.gfi.com/products-and-solutions/network-security-solutions/gfi-webmonitor/resources/documentations