Better logging with a GUI?
-
I'd like to see the firewall logs in a better manner similar to CheckPoint or any other firewall product with a searchable GUI. Because the built-in log view is limited in pfSense, the standard recommendation is to use a syslog server or something better like Splunk. My question is, why? If the SSD I have installed in my pfSense box already has all the logs for everything that happens, why log it twice to something outside of the box?
Are there any packages or GUI tools that can utilize the logs already stored on the pfSense firewall instead of resorting to a syslog server? Ideally the tool would do what all standard firewalls do – search or filter existing conversations by IP address, destination, source, port, accepts, drops, etc. Without such a tool, pfSense cannot compete with the big boys IMO.
Edit: I'm currently using the NanoBSD version and will install the regular new 2.40 version on a different box soon. If the logging/search capabilities is different in NanoBSD, I apologize.
-
The log viewer is not any different in Nano to the Ful Install. However you can already filter by those things. See attached screenshot from 2.3.4_1 Nano 32bit.
Are you seeing those options?
Steve
-
Actually no, I don't see that Advanced Log Filter option at all.
-
Even when you click the filter icon in the top right?
Steve
-
Fixed. Browser issue.
