Hi OPNsense community!
The Live Log view (Firewall > Log Files > Live View) is great! It allows you to filter easily and find what traffic is passing through the firewall easily.
I'm wondering if there is a similar view that can be used to filter the firewall's historical logs (syslogs)?
Any advice would be great!
Thanks!
I think you're stuck with an external log parser for that.
Heck, even searching "Firewall: Log Files: Plain View" spikes a core for long periods - but oddly doesn't seem to exercise the SSD. OPNsense logging could use a lot of work, but unfortunately it would really have to start with pf. Lots of time/money in that endeavor.
The idea has been there for a while now but lack of time has been a constant road block for this and other nice-to-have features.
Business interest doesn't seem to play a role here either.
Cheers,
Franco
As for traffic visibility I can highly recommend ElastiFlow. That might fit part of your requirements.
Or you can just send them to Pfelk or just a simple syslog server.
OPNsense can do that; you will not have such a "nice" "eye candy" representation, but the sessions can be sent via syslog to a collector.
Regards,
S.