Simple Firewall Log Viewer

Started by jhw, June 05, 2024, 03:23:17 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 05, 2024, 03:23:17 PM
Hello,

is there a simple, small solution for analysing the firewall logs?

I am happy with features of the Live View but could not find a way to display events of the past. The Plain View does not offer the filter features of Live View.

I searched the forum and the web and found a lot about SIEM / SOC posts with for example pfelk which needs 16 GB RAM minimum.

Regards,
Jan

June 05, 2024, 07:37:21 PM #1
You could take a look at LNAV:

https://lnav.org/
2x 23.7 VMs & CARP, 4x 2.1GHz, 8GB
Cisco L3 switch, ESXi, VDS, vmxnet3
DoT, Chrony, HAProxy + NAXSI, Suricata
VPN: IPSec, OpenVPN, Wireguard
MultiWAN: Fiber 500/500Mbit dual stack + 4G failover

--
Available for private support.
Did my answer help you? Feel free to click [applaud] to the left
June 06, 2024, 10:06:13 AM #2
Thanks, sorano.

If you have already done this, could you explain a bit further. Do you suggest to install it on the OPNsense like described in this post (https://forum.opnsense.org/index.php?topic=12325.0) and point it to /var/log/filter?

Regards,
Jan
Print
Go Up Pages1
User actions