Hello,
Is there a simple, small solution for analysing the firewall logs?
I am happy with the features of the Live View but could not find a way to display events of the past. The Plain View does not offer the filter features of Live View.
I searched the forum and the web and found a lot of posts about SIEM / SOC with, for example, pfelk, which needs 16 GB RAM minimum.
Regards,
Jan
You could take a look at LNAV:
https://lnav.org/
Thanks, sorano.
If you have already done this, could you explain a bit further? Do you suggest installing it on the OPNsense as described in this post (https://forum.opnsense.org/index.php?topic=12325.0) and pointing it to /var/log/filter?
Regards,
Jan