Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Automatic logging of admin changes

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 68 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R Offline
      rtw915
      last edited by

      For PCI compliance, post-mortems, and general troubleshooting I am trying to find a way to send admin changes via syslog or SNMP to a monitoring solution. These logs would include the admin who made the change, when the change was made, a brief description of what was changed, and preferably if the change was a firewall rule also the description field, which in my case would contain the URL of the associated ticket number for the rule. I am aware that this can kinda be done in a manual cumbersome way using Diagnostics -> Backup & Restore -> Config History and do a diff between changes, but this is fairly tedious. I need this info to be stored outside of the firewall so that if the firewall crashes the changes are still available. Someone also suggested taking a backup after every change specifying the change in the name of the backup file, but humans forget. This needs to be an automated solution. We already use Oxidized and send it to git but the XML has many unrelated non admin changes which makes this difficult to use for this purpose. Thanks for the help!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.