Is it possible to enable OPNsense as a syslog receiver for other devices in the LAN? I found everthing for sending logs outside, but not for being a syslog server.
Thanks
Not that I am aware.
The local logs are processed using clog and syslog would write many data to disk.
The firewall is not a good place to store this information.
In most configurations the firewall is facing WAN and should not store sensitive data. Logfiles often contain such data.
Beside that the filesystem could be run out of space and could cause problems on the firewall doing its job.
Not a good idea.
Thanks. This is not really a security endpoint, just a middle firewall, so I don't bother much about security in this specific situation.
You say it's still not possible, right? I'd better turn to a standard distro and setup the services I need there, do I?
Thanks again
Only because I do not recommend it, it could still be possible.
If you configure the syslog service manually it should be possible.
OPNsense is not intended for log collection from other devices mostly because such a possibility would spike the requests for more log parsing beyond the integrated services which we cannot provide for the core system because it's not part of the core mission.
Cheers,
Franco
Ok, thank you for the feedback
have a look into graylog