Reg Syslogging
-
Hi
We are planning to have a remote syslog server to store the pfSense logs. Now we have got a Splunk sandbox environment where we can upload our own log files to get the required dashboards. How can we get the raw data (logging data) from pfSense to upload into the Splunk sandbox env?
Is there any command or option in web GUI to get the complete details of logging in pfsense?
Also, if possible, please do recommend whether ELK or Splunk has better adaptability with pfSense.
-
Can you guys advise on the above scenario?
-
There are numerous links to this topic if you use Google. Just type 'www.google.com' into your browser and enter the query 'pfsense syslogs'.
https://doc.pfsense.org/index.php/Copying_Logs_to_a_Remote_Host_with_Syslog
In short, click on the 'Status/System Logs' menu and choose the 'Settings' tab. Then scroll to the Remote Logging Options section.
I use ELK myself, but that's just my opinion.
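
One way to collect what pfSense forwards into a flat file that can then be uploaded to a Splunk sandbox, as an added example that is not part of the original thread. It assumes pfSense is sending BSD-style syslog over UDP to this host; the port (5514), the output file name and the firewall address (192.0.2.1) are placeholders.

```python
import re
import socketserver

# A BSD-syslog datagram starts with "<PRI>", where PRI = facility * 8 + severity.
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]


def decode_datagram(data, sender_ip):
    """Turn one syslog datagram into exactly one line of text for the log file."""
    text = data.decode("utf-8", errors="replace").rstrip("\r\n\x00")
    # Collapse embedded newlines so a single datagram cannot forge extra log lines.
    text = text.replace("\r", " ").replace("\n", " ")
    m = PRI_RE.match(text)
    if m and int(m.group(1)) <= 191:  # 191 is the highest valid PRI (23 * 8 + 7)
        pri = int(m.group(1))
        facility, severity, body = pri >> 3, SEVERITIES[pri & 7], m.group(2)
    else:
        facility, severity, body = -1, "unknown", text
    return f"src={sender_ip} facility={facility} severity={severity} {body}"


class Handler(socketserver.BaseRequestHandler):
    def handle(self):
        data, _sock = self.request  # for UDP servers: (bytes, socket)
        src = self.client_address[0]
        # UDP source addresses can be spoofed, so this is a noise filter only;
        # restrict the port with a host firewall as well.
        if src not in self.server.allowed:
            return
        with open(self.server.out_path, "a", encoding="utf-8") as fh:
            fh.write(decode_datagram(data, src) + "\n")


def serve(bind_ip, port, out_path, allowed):
    with socketserver.UDPServer((bind_ip, port), Handler) as srv:
        srv.out_path, srv.allowed = out_path, set(allowed)
        srv.serve_forever()


if __name__ == "__main__":
    # Placeholders: enter this host's address and port in the
    # Remote Logging Options section of the pfSense GUI.
    serve("0.0.0.0", 5514, "pfsense-raw.log", {"192.0.2.1"})
```

The resulting `pfsense-raw.log` has one event per line and can be uploaded as a file; an unprivileged port is used so the receiver does not need to run as root.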