One of my goals in starting a journey with OPNsense was to get an idea of the protocols travelling on my network. I want to be able to monitor my network and to see what is being used and in what volume, etc. Some of my interest is in a lot of traffic showing that I really do not understand.
I am assuming Suricata is a route to this with appropriate rules loaded, though it does not seem to have a great set of reporting functions. Could anyone point me in a direction that it would be logical to travel with this? I appreciate it may not be possible, in which case how close can I get using the IPS system?
NTOPNG
Thanks, I will give it a try.
https://github.com/opnsense/docs/pull/53/files