Use a proxy like Squid and keep the logs. Have some kind of syslog to analyze those logs for reporting.

Thank u sir

but i can't enable the proxy , i'm using admin user
find attach file ...

Use a proxy like Squid and keep the logs. Have some kind of syslog to analyze those logs for reporting.

1 by 1 plz

step by step

There is a bug in 6.4 where on the first open of some windows for Winbox, it treats it like it is in read-only mode, try to reopen it.

With that being said, depending on the number of users that you have, you may want to use an external proxy like squid instead of the built in proxy. The internal one isn't optimized for larger locations, and depending on the board you have, may not have the CPU power to handle everything.

The best and most secure way of doing it is to setup the proxy server on a different routed interface with a different subnet. People can set their proxy server in their browsers to the appropriate IP address. You then either forward the logs to a syslog server, or have some kind of syslog server running on the proxy server that you can run reports on. You can also force people to use the proxy server in this setup with an appropriate NAT rule, and configuration on the proxy server. However that will only work for HTTP traffic and not HTTPS.

Similarly for the Mikrotik, you can enable the proxy and have people set their proxy server in their computers to the MikroTik. You then setup the logging in the MikroTik to forward subjects with "proxy" to an external syslog server that you can run your reports on. With a similar NAT rule you can force people to use the proxy server, but faces the same restrictions as above.