1
24.1 Legacy Series / Re: PHP Fatal Error - nginx/tls_ua-fingerprint.php
« on: July 09, 2024, 12:13:38 am »
Thank you for pointing towards the github report. , I removed the handshakes.json file.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
24.1 Legacy Series / PHP Fatal Error - nginx/tls_ua-fingerprint.php
« on: July 05, 2024, 05:52:21 pm »
Good morning all. Can you help point me in the right direction for fixing the following error:
[01-Jul-2024 16:10:03 America/Denver] PHP Fatal error: Allowed memory size of 1073741824 bytes exhausted (tried to allocate 358617088 bytes) in /usr/local/opnsense/scripts/nginx/tls_ua_fingerprint.php on line 135
I seem to be getting the error almost every 10 minutes. Restarting the firewall doesn't seem to matter. I'm pulling the above error from the crash reporter. I've tried looking at the logs in /var/log/nginx and didn't see anything towards that error. I've checked /var/log/dmesg.today, php-fpm.log also.
I feel like I'm looking in the wrong places. Do you have any suggestions of appropriate log files to check to help determine the issue behind the error?
**EDIT I just realized I posted this in the 24.7 dev, is it possible to move it the 24.1 forum?
Thank you!
[01-Jul-2024 16:10:03 America/Denver] PHP Fatal error: Allowed memory size of 1073741824 bytes exhausted (tried to allocate 358617088 bytes) in /usr/local/opnsense/scripts/nginx/tls_ua_fingerprint.php on line 135
I seem to be getting the error almost every 10 minutes. Restarting the firewall doesn't seem to matter. I'm pulling the above error from the crash reporter. I've tried looking at the logs in /var/log/nginx and didn't see anything towards that error. I've checked /var/log/dmesg.today, php-fpm.log also.
I feel like I'm looking in the wrong places. Do you have any suggestions of appropriate log files to check to help determine the issue behind the error?
**EDIT I just realized I posted this in the 24.7 dev, is it possible to move it the 24.1 forum?
Thank you!
3
22.1 Legacy Series / OPNSense with Elastic pfSense integration Date format
« on: July 06, 2022, 04:55:15 pm »
I have recently moved from an on-premise Elastic SIEM to a cloud based solution. When I was running the on-premise stack, I used an integration from github https://github.com/pfelk/pfelk. I had no issues with the integration. On the cloud version of Elastic, there is a integration based on the github project called pfsense logs. The integration has OPNSense listed as being supported but I'm running into an issue where the date in the filter log is in a different format than what is expected.
My firewall output is this:
<134>1 2022-06-09T14:44:11-06:00 firewall.opnsense.net filterlog 76404 - [meta sequenceId="1"] 124,,,fae559338f65e11c53669fc3642c93c2,ixl1_vlan70,match,pass,out,4,0x0,,63,5687,0,DF,6,tcp,60,192.168.100.99,10.62.0.75,40370,80,0,S,3364871769,,65535,,mss;sackOK;TS;nop;wscale
The expected is:
<134>Jan 1 02:21:38 firewall.opnsense.net filterlog[97530]: 146,,,1535324496,igb1.12,match,block,in,4,0x0,,63,12617,0,DF,6,tcp,60,10.170.12.50,175.16.199.1,49724,853,0,S,1891286705,,64240,,mss;sackOK;TS;nop;wscale
I have tried switching the logging to the RFC5424 and I saw no change in the log output. I did make sure to restart the syslogng service after saving and applying the config change.
Is there a way to change the date format in the filter log?
Thanks!
My firewall output is this:
<134>1 2022-06-09T14:44:11-06:00 firewall.opnsense.net filterlog 76404 - [meta sequenceId="1"] 124,,,fae559338f65e11c53669fc3642c93c2,ixl1_vlan70,match,pass,out,4,0x0,,63,5687,0,DF,6,tcp,60,192.168.100.99,10.62.0.75,40370,80,0,S,3364871769,,65535,,mss;sackOK;TS;nop;wscale
The expected is:
<134>Jan 1 02:21:38 firewall.opnsense.net filterlog[97530]: 146,,,1535324496,igb1.12,match,block,in,4,0x0,,63,12617,0,DF,6,tcp,60,10.170.12.50,175.16.199.1,49724,853,0,S,1891286705,,64240,,mss;sackOK;TS;nop;wscale
I have tried switching the logging to the RFC5424 and I saw no change in the log output. I did make sure to restart the syslogng service after saving and applying the config change.
Is there a way to change the date format in the filter log?
Thanks!
Pages: [1]