1
23.1 Legacy Series / Re: howto use livelog correctly
« on: October 26, 2023, 12:19:53 pm »
I think I have now understood how OPNSense thought of it.
first i disabled the default log rules:
Log packets matched from the default block rules put in the ruleset
Log packets matched from the default pass rules put in the ruleset
Log packets processed by automatic outbound NAT rules
So there are much(!!) less entries in the live log. And if I now activate "enable logging" in a firewall rule, it also appears in the live log.
Are there any best practices which rules should be logged by default?
first i disabled the default log rules:
Log packets matched from the default block rules put in the ruleset
Log packets matched from the default pass rules put in the ruleset
Log packets processed by automatic outbound NAT rules
So there are much(!!) less entries in the live log. And if I now activate "enable logging" in a firewall rule, it also appears in the live log.
Are there any best practices which rules should be logged by default?