Installing Logstash on OPNsense

spetrillo · June 26, 2019, 04:28:46 AM

Has anyone been able to install an up to date rev of Logstash on OPNsense. I am trying to do this, and then have ES and Kibana on a separate Windows PC. The goal is to push all logs and data, so I can visualize it with Kibana.

I am new to FreeBSD and coming from Windows.

mimugmail · June 26, 2019, 06:37:53 AM

Why do you need logstash on the Firewall itself?
You have to export the logs, e.g. via Syslog to an exernal logstash instance.

spetrillo · June 26, 2019, 04:22:06 PM

It is my understanding that Surricata logs cannot go to syslog. Is that incorrect?

mimugmail · June 26, 2019, 05:20:29 PM

pkg install beats

... use filebeat ...

spetrillo · June 27, 2019, 03:29:26 PM

Ahhh got it...can we also configure the other Beats, like Metric/Packet/Heart on OPNsense?

Installing Logstash on OPNsense

spetrillo

June 26, 2019, 04:28:46 AM

mimugmail

June 26, 2019, 06:37:53 AM #1

spetrillo

June 26, 2019, 04:22:06 PM #2

mimugmail

June 26, 2019, 05:20:29 PM #3

spetrillo

June 27, 2019, 03:29:26 PM #4