Intrusion, where could I post logs ?

  • Hi,
      I am new to pfsense. 
      In our company it is installed as a virtualized machine on ESXi 6.5
      Since a couple of week I have started having something strange in the log file after I have tried to add another VPN (we have openvpn)
      Also, I did some manuevers like reistalling from a backup to restore previous state but since then I still have the same suspicious log entries after few days after restore.

    Which is the best place in this board to analyze the log file with your help ?

    Thank you,

  • Rebel Alliance Developer Netgate

    Whichever log you see the "suspicious" entry in, post it in that section. For example if it's a firewall log, post in the Firewall board. If it's in the OpenVPN log, post in the OpenVPN board, if it's a Snort or Suricata alert log, post in the IDS/IPS Board.