Firewall > Logs Files > Live View ---- But for historical stored logs?

Started by foss-johnny, August 09, 2025, 02:57:22 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 09, 2025, 02:57:22 AM Last Edit: August 09, 2025, 03:29:08 AM by foss-johnny
Hi OPNsense community!

The Live Log view (Firewall > Logs Files > Live View) is great! It allows you to filter easily and find what traffic is passing through the firewall easily.

I'm wondering if there is a similar view that can be used to filter the firewalls historical logs (syslogs)?

Any advice would be great!

Thanks!

August 09, 2025, 05:55:45 PM #1
I think you're stuck with an external log parser for that.

Heck, even searching "Firewall: Log Files: Plain View" spikes a core for long periods - but oddly doesn't seem to exercise the SSD. OPNsense logging could use a lot of work, but unfortunately it would really have to start with pf. Lots of time/money in that endeavor.
August 12, 2025, 01:05:01 PM #2
The idea has been there for a while now but lack of time has been a constant road block for this and other nice-to-have features.

Business interest doesn't seem to play a role here either.


Cheers,
Franco
August 12, 2025, 01:29:53 PM #3
As for traffic visibility I can highly recommend ElastiFlow. That might fit part of your requirements.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
August 12, 2025, 03:14:19 PM #4
Or you can just sent them to Pfelk or just a simple syslog server.

OPNsense can do that, you will not have such a "nice" "eye candy" representation but the sessions can be sent via syslog to a collector.

Regards,
S.
Networking is love. You may hate it, but in the end, you always come back to it.

OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G - VM HA(SOON)
N100   - i226-V | Crucial 16G  4800 DDR5 | S 980 500G - PROD
Print
Go Up Pages1
User actions