Backward step in Logging

Started by bigops, February 22, 2018, 04:01:09 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 22, 2018, 04:01:09 PM
Does someone think that in 18.1 the logging has taken one step forward and two backwards??  In the earlier version the non live logging was in a readable format.  But with 18.1 what we have is a raw feed, and a overview screen which is good information, but does not have any drill down capability.  So I know that I have a bunch of requests being blocked by the firewall, but no way to find out what they are unless i analyze the arcane raw log.  Or am in missing something here   ??? ??? ???

February 22, 2018, 05:15:33 PM #1
It's not yet complete. For example the ability to 'quick add' a rule is not there yet.

I've not had any issues using it as it stands though. If I want to look at all ipv6 entries I just enter 'ipv6' in the filter, likewise for packet type or IP address or combinations.

My logging is turned off most of the time anyway, and I turn on the logging I am interested in seeing when I need to, so for example, I turn on default block logging then enter the filter I need, soon shows me what I need to see and I adjust or create a rule accordingly.
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member
February 27, 2018, 08:51:46 PM #2
It's still largely the same in the live log now only with less filtering, although everything can be filtered like before. We have a few fixes for 18.1.3 and want to bring back selection of columns (which then filter), improve the filter a little to join queries and then in a final step bring back the rule creation, but that really really needs API firewall support which will take the longest.


Cheers,
Franco
Print
Go Up Pages1
User actions