Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Syslog: How can I interpret this in realtime?

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 278 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      voxmagna1
      last edited by

      I have Kiwi syslog running on Windows and capturing the pfsense log output to file. But how do you get from the raw message data into something meaningful? The message format and separators don't seem to conform to some of the more common Unix based log file structures I've looked at.

      I want to parse the message string in realtime and create my own tables with header titles. I could probably make some sense of the message string parsing the ofline saved file with an Excel template but this isn't realtime when I want to troubleshoot applications and their connections as they run. Is there an easy way to 'analyze' the syslog output in realtime?

      Sample log output:

      08-09-2017 10:42:05 Local0.Info 192.168.1.1 Aug  9 10:41:37 filterlog: 5,,,1000000103,pppoe0,match,block,in,4,0x0,,52,13142,0,none,6,tcp,44,92.45.103.246,80.234.159.124,80,52256,0,SA,457397558,2569890616,16384,,mss
      08-09-2017 10:41:52 Local0.Info 192.168.1.1 Aug  9 10:41:23 filterlog: 5,,,1000000103,pppoe0,match,block,in,4,0x0,,52,65512,0,none,6,tcp,44,92.45.103.246,80.234.159.124,80,59521,0,SA,1373236878,4140268976,16384,,mss
      08-09-2017 10:41:44 Local0.Info 192.168.1.1 Aug  9 10:41:16 filterlog: 5,,,1000000103,pppoe0,match,block,in,4,0x0,,57,0,0,DF,17,udp,69,185.165.29.89,80.234.159.124,52052,111,49
      08-09-2017 10:41:25 Local0.Info 192.168.1.1 Aug  9 10:40:56 filterlog: 5,,,1000000103,pppoe0,match,block,in,4,0x0,,249,54321,0,none,6,tcp,40,178.62.198.6,80.234.159.124,53374,2455,0,S,4057808422,,65535,,

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.