I basically just get syslog logs of all web traffic going through the router. I just want to be able to do analysis against the logs to determine all traffic going to sites matching '%S__E__%torrent%'.
Basically I'm trying to practice a situation where I am expected to catch guys downloading TV series.
Assuming no security device can be placed inline due to logical and budgetary restraints.
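
Added example, not part of the original post: one way to run the '%S__E__%torrent%' match offline over exported syslog lines and group the hits by client, next to a stricter season/episode pattern that avoids the wildcard's false positives. The "src=... url=..." log layout, the sample lines, case-insensitive matching and the names like_to_regex, find_hits and STRICT_RE are assumptions, since the post does not show the router's format.

```python
import re
from collections import defaultdict

# Constructed sample lines. The router's real syslog layout is not shown in the
# post, so this "src=<client> url=<requested URL>" format is an assumption.
SAMPLE_LOG = """\
Mar  3 21:14:02 router weblog: src=192.168.1.23 url=http://tracker.example/Some.Show.S02E05.720p.torrent
Mar  3 21:14:09 router weblog: src=192.168.1.40 url=http://news.example/articles/storage-review
Mar  3 21:15:37 router weblog: src=192.168.1.23 url=http://files.example/get?name=some.show.s02e06.hdtv&type=torrent
Mar  3 21:16:10 router weblog: src=192.168.1.51 url=http://distro.example/linux-image.iso.torrent
Mar  3 21:17:45 router weblog: src=192.168.1.40 url=http://docs.example/SafeExit-guide/torrent-faq
"""

# Pulls the client address and requested URL out of one (assumed) log line.
LINE_RE = re.compile(r"src=(\S+)\s+url=(\S+)")

# Stricter alternative to the wildcard: the season/episode tag must be digits.
STRICT_RE = re.compile(r"s\d{2}e\d{2}.*torrent", re.IGNORECASE)

def like_to_regex(pattern):
    """Translate a SQL LIKE pattern (% = any run, _ = one char) to a regex."""
    parts = []
    for ch in pattern:
        if ch == "%":
            parts.append(".*")
        elif ch == "_":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    # LIKE matches the whole value, so anchor both ends.
    return re.compile(r"\A" + "".join(parts) + r"\Z", re.IGNORECASE)

def find_hits(log_text, regex):
    """Return {client_ip: [matching URLs]} for every parsable log line."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and regex.search(m.group(2)):
            hits[m.group(1)].append(m.group(2))
    return dict(hits)

if __name__ == "__main__":
    checks = (("LIKE", like_to_regex("%S__E__%torrent%")), ("strict", STRICT_RE))
    for label, rx in checks:
        for client, urls in find_hits(SAMPLE_LOG, rx).items():
            print(label, client, len(urls), urls)
```

On the constructed lines the LIKE translation also flags the "SafeExit-guide/torrent-faq" URL, because "_" accepts any character; the digit-based pattern reports only the two episode downloads.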