OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: bigops on February 22, 2018, 04:01:09 pm

Title: Backward step in Logging
Post by: bigops on February 22, 2018, 04:01:09 pm
Does someone think that in 18.1 the logging has taken one step forward and two backwards??  In the earlier version the non live logging was in a readable format.  But with 18.1 what we have is a raw feed, and a overview screen which is good information, but does not have any drill down capability.  So I know that I have a bunch of requests being blocked by the firewall, but no way to find out what they are unless i analyze the arcane raw log.  Or am in missing something here   ??? ??? ???

Title: Re: Backward step in Logging
Post by: marjohn56 on February 22, 2018, 05:15:33 pm
It's not yet complete. For example the ability to 'quick add' a rule is not there yet.

I've not had any issues using it as it stands though. If I want to look at all ipv6 entries I just enter 'ipv6' in the filter, likewise for packet type or IP address or combinations.

My logging is turned off most of the time anyway, and I turn on the logging I am interested in seeing when I need to, so for example, I turn on default block logging then enter the filter I need, soon shows me what I need to see and I adjust or create a rule accordingly.
Title: Re: Backward step in Logging
Post by: franco on February 27, 2018, 08:51:46 pm
It's still largely the same in the live log now only with less filtering, although everything can be filtered like before. We have a few fixes for 18.1.3 and want to bring back selection of columns (which then filter), improve the filter a little to join queries and then in a final step bring back the rule creation, but that really really needs API firewall support which will take the longest.