Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Firewall Reporting Advice
« previous
next »
Print
Pages: [
1
]
Author
Topic: Firewall Reporting Advice (Read 2828 times)
opendns@taylorco.net
Newbie
Posts: 2
Karma: 0
Firewall Reporting Advice
«
on:
June 01, 2018, 08:23:16 pm »
Hello All,
I am a new user to Opnsense and like the flow of the interface, but cannot seem to get reporting on what the firewall is doing the way I am use to. What I am trying to see is
List of all blocked connections, with IP, rule and country info
aggregate of blocked connections, with with IP and country info
Ideally what I think all the solutions need is one dashboard/report that shows anything blocked and the reason, firewall, web filter, IPS, etc.
I am really interested in knowing how others are doing this or other reporting.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Firewall Reporting Advice
«
Reply #1 on:
June 01, 2018, 09:59:10 pm »
The best solution is an ELK stack (Elasticsearch, Logstash and Kibana)
With ES, you have a Document storage DB and Index - all services log to this DB.
Logstash acts as a central syslog server and forwards all log lines to ES - here is a more or less ready to use config:
https://github.com/fabianfrz/opnsense-logstash-config
Kibana is a Tool to create dashboards etc. from ES data. You can do everything you mentioned there.
Logged
opendns@taylorco.net
Newbie
Posts: 2
Karma: 0
Re: Firewall Reporting Advice
«
Reply #2 on:
June 06, 2018, 06:33:04 pm »
Thanks, that seems to be a robust solution. For now I have decided to go a different direction.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Firewall Reporting Advice
