Show Posts
1
General Discussion / OPNsense and Graylog
« on: March 14, 2017, 10:32:31 am »
Hello.
I feel stupid.
My OPNsense is up and running.
I setup a graylog server because I found it hard to work with the logginginterface from the OPNsense. (maybe that is my real problem)
So now my greylog server is getting the logs from the OPNsene but it is impossible to work with that input.
For example my graylog get this input en mass:
2017-03-14 10:19:12.000 filterlog:
filterlog: 57,16777216,,0,em0,match,pass,out,4,0x0,,63,35571,0,DF,17,udp,74, {MY IP} ,8.8.8.8,30480,53,54
but I can't search or filter because this is a single line of data.
Is there anything wrong with the OPNsense sending the data?
Does anyone know wich field is what information?
I feel stupid.
My OPNsense is up and running.
I setup a graylog server because I found it hard to work with the logginginterface from the OPNsense. (maybe that is my real problem)
So now my greylog server is getting the logs from the OPNsene but it is impossible to work with that input.
For example my graylog get this input en mass:
2017-03-14 10:19:12.000 filterlog:
filterlog: 57,16777216,,0,em0,match,pass,out,4,0x0,,63,35571,0,DF,17,udp,74, {MY IP} ,8.8.8.8,30480,53,54
but I can't search or filter because this is a single line of data.
Is there anything wrong with the OPNsense sending the data?
Does anyone know wich field is what information?