Best way to do extensive logging on pfSense

keyser

Hi.

I'm looking to substiantially increase the logging of my pfsense and are wondering about the limits of the built in logging features (diskspace, analytics tools and so forth). I'd rather not have to set up a syslog server and 3'rd party log ananlysis tools.

If I want to keep say ~50 Gb of log's back in time (circular concatenated) - can that be done in pfSense, and will the built-in log analysis tool work with that kind of data?
How do I make sure I have the diskspace for that kind of log? Do I need to make an install with a particular partition expanded to 50+Gb?

If i want to go back in time and se my bandwidth usage in little more detail (say a week ago), can I get a more granular graph than averages by the hour as the STATUS -> MONITORING menu allows?

keyser

No one with input on this question?

doktornotor

@keyser:

No one with input on this question?

With

@keyser:

I'd rather not have to set up a syslog server and 3'rd party log ananlysis tools.

no, not exactly. This is a firewall/router, offload the logs archiving and mangling somewhere else.

Set up an Incinga2 or PRTG server for monitoring or on a bigger NAS as a log file storage only

biggsy

Even Splunk is free if you are pumping in <500 MB of logs per day.