Sensei on OPNsense - Application based filtering

[Misant]

Installed Sensei today on a Qotom. seems to be working fine. Setup is just for a small household with me and my girlfriend, but we are going to expand to a dog and 2 kids. So torture tests will have to wait for some time.

[mb]

Hi @sagem2004,

Thank you for the clarification.

Google Safesearch enforcement is in Sensei's short-term roadmap. Should arrive with Sensei 1.0, which is the first production release for Sensei (ETA Q1 2019).

[mb]

@Misant, Good to hear that :)

[sagem2004]

Hi @sagem2004,

Thank you for the clarification.

Google Safesearch enforcement is in Sensei's short-term roadmap. Should arrive with Sensei 1.0, which is the first production release for Sensei (ETA Q1 2019).

very Good news thank you :) :) :) :) :)

[manjeet]

Thanks for it..

Hi @manjeet,

Glad that installation went smooth.

Thanks. It is installed and working.

I still have one same issue as mentioned before.. In "Table of Local Assets" and "Table of Remote Hosts" i only see 10 devices / hosts. I have changed criteria to volume, time interval 24 hours. I have also checked it by increasing settings. I am currently running more then 30 devices. So is there a limit on no of showing hosts or anything ?? I need to provide bandwidth usage (upload / download / total) reporting of all the devices in network daily basis. Any other way to do so ??

Ah, now I see what you're trying to accomplish. All charts on the report tabs will show top 10 records. For table reports, I guess we can put an option to provide the full list.

Stay tuned. We'll pass an update.

I do not how it calculate the top 10 but i think you have an issue here.. I was looking at "Insight" for current network usage and find out that one of the system has consumed 4GB of data since morning. I checked it in Sensei and it showed the same 4GB data usage for that IP.

But when i checked the top 10 list in "dashboard" and in "reports" (No filters, cross-checked) (it showed me that same report), this IP with 4GB usage was not there. Even some other IPs which Insight showed were not also there.

It showed me list of top 10 which i think is better match with the last night usage but not since this morning. Its been 6 hours and i do not see those IP in this list.

[mb]

Hi @manjeet,

I see. Let's dig deeper. Can you reach us through sensei -at- sunnyvalley.io?

[cgwork]

Hello, mb

Is there a way to clear all the logs in Sensei?

[mb]

Hi @cgwork,

Use the following two scripts to delete and re-create all reporting indices:

/usr/local/sensei/scripts/installers/elasticsearch/delete_all.py
/usr/local/sensei/scripts/installers/elasticsearch/create_indices.py

This will be also a Web UI menu item with the upcoming Sensei update (0.7.0-rc3).

[cgwork]

Hi @cgwork,

Use the following two scripts to delete and re-create all reporting indices:

/usr/local/sensei/scripts/installers/elasticsearch/delete_all.py
/usr/local/sensei/scripts/installers/elasticsearch/create_indices.py

This will be also a Web UI menu item with the upcoming Sensei update (0.7.0-rc3).

Awesome Thank you ... also have you thought of getting the reports to be printed or converted to .pdf format? i also noticed when i get the emails and "click to download and view the detailed reports" are blank see attachment. Did i miss an check in the box so i get them? I'm currently selected only Sessions but it would be nice if i could get all of them or select the once i would like to have.

Thank you again for the hard work.

[mb]

Hi @cgwork,

You're all welcome. We had introduced PDF export previously.  It's being re-worked and will be available shortly.

You shouldn't receive an empty html file. Looks like a problem. Can you share which e-mail provider you are using? It's been tested with major ones like Gmail & Outlook. Let's try with yours.

[cgwork]

sure i'm using gmail for this setup

[kagou]

Hi. I'v some problems with sensei (look at the picture).
I'v tried first with my system but after some problems i'v rebuilt my interface assignments, removing bridge system.
Now i'v a WAN/DMZ/WIFI/LAN on my 4 ethernet ports.
I'v stoped and used the "You can restore all Sensei packet engine configuration to their original defaults by clicking 'Reset' button."
Set just ma LAN to be supervised, but look at the picture

[mb]

Hi @kagou,

Looks like a problem with the backend indexes.

Can you try these if they fix the problem?

/usr/local/sensei/scripts/installers/elasticsearch/delete_all.py
/usr/local/sensei/scripts/installers/elasticsearch/create_indices.py


It it does not, can you share your /var/log/elasticsearch/elasticsearch-2018-12-13.log log file to sensei - at - sunnyvalley.io ?

[mb]

Hi @cgwork,

sure i'm using gmail for this setup

Gmail should be fine. Can you forward the email to sensei - at - sunnyvalley.io ? If you can forward as an attachment, that'd be perfect.

Are you using Gmail through a browser, or through an email client?

[mb]

Update to @manjeet's post: https://forum.opnsense.org/index.php?topic=9521.msg48451#msg48451

Spotted the problem. A typo avoided reporting criteria to be reflected for some reports.

Fix should arrive with 0.7.0 release.