Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Website tracking possible using ELK stack?

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 756 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      ando1
      last edited by

      Hi,

      I have just set up an ELK stack on my pfsense box and am successfully capturing firewall data. I do not know much about ELK but am trying to learn more. Another thing I would like to do is monitor websites that are visited by my kids. I was able to send the squid log to syslog using the following:

      access_log syslog:local7.info squid

      I can now see the traffic in Kibana if I filter for "http" so I think it may be pretty simple but I wanted to see if anyone could help. I am looking to set up my dashboard to display the website visited with the time and date, and host that visited the site. I think it involves adding some information to the inputs.conf and grok filter. Can anyone point me in the right direction here?

      Thanks,
      Andy

      1 Reply Last reply Reply Quote 0
      • L
        look2
        last edited by

        Hi.

        I'm trying to do the save, have you made it work?

        But one questions, are you running the ELK stack on the same machine as the pfsens?
        I'm running elk on a different machine to monitor firewall logs, and struggeling to get the squid logs from the pfsense machine to the alk machine.

        How did you manage to get the squid access log in the syslog ?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.