OPNsense Forum

English Forums => General Discussion => Topic started by: spetrillo on June 26, 2019, 04:28:46 am

Title: Installing Logstash on OPNsense
Post by: spetrillo on June 26, 2019, 04:28:46 am
Has anyone been able to install an up-to-date rev of Logstash on OPNsense? I am trying to do this, and then have ES and Kibana on a separate Windows PC. The goal is to push all logs and data, so I can visualize it with Kibana.

I am new to FreeBSD and coming from Windows.
Title: Re: Installing Logstash on OPNsense
Post by: mimugmail on June 26, 2019, 06:37:53 am
Why do you need logstash on the Firewall itself?
You have to export the logs, e.g. via Syslog to an external logstash instance.
Title: Re: Installing Logstash on OPNsense
Post by: spetrillo on June 26, 2019, 04:22:06 pm
It is my understanding that Suricata logs cannot go to syslog. Is that incorrect?
Title: Re: Installing Logstash on OPNsense
Post by: mimugmail on June 26, 2019, 05:20:29 pm
pkg install beats


... use filebeat ...
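
A Filebeat configuration of the kind the reply above points to, as an added example that is not part of the original post: it tails Suricata's EVE JSON log on the firewall and ships it to an external Logstash instance over TLS. The log path, Logstash hostname and port, and CA file path are assumptions to adapt.

```yaml
# filebeat.yml -- added example; paths and hostnames below are assumptions.
filebeat.inputs:
  - type: log
    enabled: true
    # Assumed location of Suricata's EVE JSON output on the firewall.
    paths:
      - /var/log/suricata/eve.json
    # EVE is one JSON object per line; decode it at the edge so Logstash
    # receives structured fields instead of an opaque message string.
    json.keys_under_root: true
    # Surface decode failures as an error field instead of dropping them silently.
    json.add_error_key: true
    # Tag events so the Logstash pipeline can route them.
    fields:
      log_source: suricata
    fields_under_root: true

# Ship to the external Logstash instance (hypothetical host), not a local one.
output.logstash:
  hosts: ["logstash.example.lan:5044"]
  # Verify the Logstash server certificate so IDS alerts are neither sent in
  # clear text nor delivered to an impostor on the LAN. CA path is a placeholder.
  ssl.certificate_authorities: ["/usr/local/etc/ssl/logstash-ca.crt"]
```

The Logstash side needs a matching `beats` input listening on the same port with TLS enabled.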
Title: Re: Installing Logstash on OPNsense
Post by: spetrillo on June 27, 2019, 03:29:26 pm
Ahhh got it...can we also configure the other Beats, like Metric/Packet/Heart on OPNsense?