OPNsense Forum » English Forums » General Discussion » GraySense - Loganalysis with Graylog for OPNSense
Topic: GraySense - Loganalysis with Graylog for OPNSense (Read 4997 times)
ThetaGamma
Newbie
Posts: 2
Karma: 1
GraySense - Loganalysis with Graylog for OPNSense « on: November 07, 2019, 12:39:42 pm »
Dear all
After searching for a manageable solution for analysing firewall logs on my homegrown OPNSense, I picked up a lot of ideas from the community and built a solution, based on docker containers and graylog, that is supposed to be easily installable with some basic IT Know-How. It could be the starting point for someone not willing to dig deep into elasticsearch or graylog configuration, but to get nice and usable results with minimal effort.
I called the project "GraySense" and the very first version could be found here:
https://gitlab.com/thetagamma11/greysense
Basically it's just a snapshot of a working environment with a compose file and a Graylog ContentPack. Most further effort will probably go to the README, as this is the crucial part to make it reproducible for starters (like I was some weeks before ;-) )
I'd be happy if you find it useful and would appreciate ramblings, critics, suggestions and commits :-)
Best
Theta
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: GraySense - Loganalysis with Graylog for OPNSense « Reply #1 on: November 07, 2019, 08:13:50 pm »
Nice idea
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
thg0432
Newbie
Posts: 25
Karma: 3
Re: GraySense - Loganalysis with Graylog for OPNSense « Reply #2 on: January 23, 2020, 09:29:29 pm »
Hey, just wanted to add a note on this. I installed this today to test and had to set the version of graylog to 3.1.2-1 in the compose file. They changed the entry point in the newer versions to include "tini -- /docker-entrypoint" and I'm not exactly a docker wiz by any means, so the simplest solution appeared to be reverting versions.
thg0432
Newbie
Posts: 25
Karma: 3
Re: GraySense - Loganalysis with Graylog for OPNSense « Reply #3 on: January 23, 2020, 09:33:01 pm »
Welp, nvm, I take that back. Was GRAYLOG_HTTP_EXTERNAL_URI= it didn't like... commented that out and updated back to 3.1 stable... working fine.
lfirewall1243
Hero Member
Posts: 1386
Karma: 45
Re: GraySense - Loganalysis with Graylog for OPNSense « Reply #4 on: January 30, 2020, 04:31:33 pm »
Very nice project.
But is it possible to show CPU usage, ... in Graylog or only in Zabbix?
(Unofficial Community) OPNsense Telegram Group:
https://t.me/joinchat/0o9JuLUXRFpiNmJk
PM for paid support