Backward step in Logging

Started by bigops, February 22, 2018, 04:01:09 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 22, 2018, 04:01:09 PM
Does someone think that in 18.1 the logging has taken one step forward and two backwards??  In the earlier version the non live logging was in a readable format.  But with 18.1 what we have is a raw feed, and a overview screen which is good information, but does not have any drill down capability.  So I know that I have a bunch of requests being blocked by the firewall, but no way to find out what they are unless i analyze the arcane raw log.  Or am in missing something here   ??? ??? ???

February 22, 2018, 05:15:33 PM #1
It's not yet complete. For example the ability to 'quick add' a rule is not there yet.

I've not had any issues using it as it stands though. If I want to look at all ipv6 entries I just enter 'ipv6' in the filter, likewise for packet type or IP address or combinations.

My logging is turned off most of the time anyway, and I turn on the logging I am interested in seeing when I need to, so for example, I turn on default block logging then enter the filter I need, soon shows me what I need to see and I adjust or create a rule accordingly.
OPNsense 26.1a - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member
February 27, 2018, 08:51:46 PM #2
It's still largely the same in the live log now only with less filtering, although everything can be filtered like before. We have a few fixes for 18.1.3 and want to bring back selection of columns (which then filter), improve the filter a little to join queries and then in a final step bring back the rule creation, but that really really needs API firewall support which will take the longest.


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
Print
Go Up Pages1
User actions