Remote logging of dnsbl.log
Apparently /var/log/pfblockerng/* is not included in the default syslog config, so I can't send dnsbl.log to my remote ELK stack for analysis. Did I miss a pfblocker option to enable that, or should I just manually edit /etc/syslog.conf to include this file?
Don't know about the syslog option, but I am emailing the dnsbl.log using the mailreport package. Once installed, choose Status > Email Reports > Add New Report. Name it, save it, then edit and add this command:
This is assuming email is already working, configured on the System > Advanced > Notifications page.