Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    1. Home
    2. Tags
    3. logging
    Log in to post
    • All categories
    • L

      How to change Kea DHCP log level

      Watching Ignoring Scheduled Pinned Locked Moved DHCP and DNS kea logging verbosity severity
      3
      0 Votes
      3 Posts
      355 Views
      L

      @Gertjan, thx very much for your awesome reply. I really appreciate it as I learned something new 👍 😎
      To be honest, it's the first time I read something about the services.inc-file. Super interesting!!

      Of course, I tried it and it works like a charm.

    • JonathanLeeJ

      UNOFFICIAL GUIDE: Have Package Logs Record to a secondary SSD drive Snort Syslog Squid and or Squid cache system

      Watching Ignoring Scheduled Pinned Locked Moved Cache/Proxy logging ssd snort squid syslog-ng
      7
      0 Votes
      7 Posts
      410 Views
      JonathanLeeJ

      this can also be done with squidlight

      first delete the /var/lightsquid/report
      create a new file to use with lightsquid on your other drive and link them

      rmdir -r /var/lightsquid/report

      mkdir /var/lightsquid/report

      mkdir /nvme/Logs_Optane/Light_Squid_Reports

      ln -s F /nvme/Logs_Optane/Light_Squid_Reports /var/lightsquid/report

    • A

      Potential Bug: Read Only User able to crash syslogd service

      Watching Ignoring Scheduled Pinned Locked Moved General pfSense Questions permissions services logging
      5
      1 Votes
      5 Posts
      256 Views
      stephenw10S

      https://redmine.pfsense.org/issues/15874

      https://redmine.pfsense.org/issues/15873

      Thanks! 👍

    • JonathanLeeJ

      Use of Syslog-ng Package to see Bridge Mode AP syslog events on firewall.

      Watching Ignoring Scheduled Pinned Locked Moved pfSense Packages syslog-ng syslog access point nas logging
      2
      0 Votes
      2 Posts
      641 Views
      JonathanLeeJ

      I know what your thinking, Big deal, I got logs in pfSense,

      But here the issue is, most often you will be running your AP in bridge mode and having pfSense hand out the DHCP addresses, and if your in bridge mode not much info on whats connecting to the NAS internally behind the firewall is ever seen on the firewall logs. This gives you a level of visibility not normally seen within pfSense unless it is configured. Again if you can do it with one AP you can do it with an alias for many APs on a bigger network. This gives you more information into possibile mac spoofing and unauthorized access. If you use remote access and Dynamic DNS for your network, you can see the firewall logs and the AP logs as well.

    • TAC57T

      System Logs / Firewall Not Logging

      Watching Ignoring Scheduled Pinned Locked Moved Firewalling log view logging
      12
      0 Votes
      12 Posts
      906 Views
      Bob.DigB

      @Bob-Dig said in System Logs / Firewall Not Logging:

      You are right, I also can't see it.
      I call @johnpoz

      Ooops, now I see it... was to late for me that day.

    • M

      Graylog server on a raspberry pi

      Watching Ignoring Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion logging
      11
      1 Votes
      11 Posts
      4k Views
      M

      @michmoor said in Graylog server on a raspberry pi:

      The 'count' in your charts. Should we assume thats how many sessions were created on the firewall, i.e. how many times a packet hit that rule?

      Based on what I've observed so far, this would be the same thing you would see in System logs > Firewall in Pfsense logs.

      Since its a game, it is probably using UDP, right? I never played Roblox.. So I can't tell.

      You can click the play button inside this chart to take a look at each of those entries to check.

    • AndyRHA

      Suppress "arp: is using my IP address"

      Watching Ignoring Scheduled Pinned Locked Moved General pfSense Questions logging
      7
      0 Votes
      7 Posts
      2k Views
      AndyRHA

      Downtime at my house is not a thing.
      It has been booted after this started and has only been up 23 days... embarrassingly short time...
      I just now got around to asking if there is a way to stop it.

      Thank you for the suggestions.

    • L

      How to get Suricata logs into Graylog?

      Watching Ignoring Scheduled Pinned Locked Moved IDS/IPS logging pfsense suricata
      3
      0 Votes
      3 Posts
      2k Views
      L

      @kiokoman Ugh, thank you! Working now!

    • M

      Increasing quality graph resolution

      Watching Ignoring Scheduled Pinned Locked Moved General pfSense Questions quality monitoring rrd logging resolution
      2
      0 Votes
      2 Posts
      707 Views
      DerelictD

      RRD intentionally aggregates data into larger intervals as the data gets older.

      The monitoring graphs are intended to provide troubleshooting information, not be a high-resolution, historical archive. For that you can query the device using something like cacti or zabbix or a plethora of others.

      Setting 8 hours x 1 minute resolution is pretty comprehensive. Anything longer than 8 hours and the resolution will be reduced.