OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: guest17399 on July 18, 2019, 01:02:33 pm

Title: idea filebeat / metricbeat
Post by: guest17399 on July 18, 2019, 01:02:33 pm

Hello friends!
I propose to develop plugins for the integration of filebeat and metricbeat, as well as their configuration.

I raise the question a second time ... Still, there is support for suricata and this is very good. And suricata with geodata.

Title: Re: idea filebeat / metricbeat
Post by: guest17399 on July 18, 2019, 02:00:08 pm

https://extelligenceblog.it/2017/07/11/elastic-stack-suricata-idps-and-pfsense-firewall-part-1/
https://pkg.freebsd.org/freebsd:11:x86:64/latest/All/
https://freebsd.pkgs.org/12/freebsd-ports-latest-amd64/beats-6.7.1.txz.html

Title: Re: idea filebeat / metricbeat
Post by: guest17399 on July 22, 2019, 11:01:10 pm

http://pfelk.3ilson.com/
Bloody envy that everything is so simple.

Title: Re: idea filebeat / metricbeat
Post by: spetrillo on July 30, 2019, 03:49:48 am

I would love to see an Elastic Beats implementation on OPNsense, especially if we want the various data from our firewalls.

Title: Re: idea filebeat / metricbeat
Post by: guest17399 on August 13, 2019, 03:35:35 pm

I think we won’t wait.
But so much could be added - netflow, suricata ...

Title: Re: idea filebeat / metricbeat
Post by: MrJohnBBQ on November 23, 2019, 07:58:38 am

Hear hear! Chiming in as a beats plugin would be amazingly useful.

Just metricbeats alone would help tons, although packet and files would be great as well.

For those who are interested in following the standard syslog -> logstash, the github referencing the post above is active and surprising up-to-date on the latest versions of java / elk and only a tad behind opnsense (18.1).

https://github.com/a3ilson/pfelk