Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Logs export on daily basis

    Scheduled Pinned Locked Moved OpenVPN
    7 Posts 5 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kesaribabu
      last edited by

      Hi everyone,

      Is their any way to export OpenVPN logs on a daily basis for audit purpose???
      If their is way or chance, let me know.

      In order to track WFH user connections on a daily basis, i need all users authenticated information for every day. That is, i need to report like Day 1: These many users connected at these times , and day 2 ............

      How can i get this information? Do we have any plugin/package to install to extract or export all vpn logs
      or
      can we have a cron job on a daily job????

      1 Reply Last reply Reply Quote 1
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Doing it daily would be unreliable. On pfSense versions before 2.5.0, the log is a binary circular log. As new log entries come, old ones are deleted. There are likely way more entries in a day than would fit in the log.

        What you need is to setup an external syslog server and export the logs there from pfSense (Status > System Logs, Settings tab. Then your syslog server can keep them long-term and do whatever reporting you require.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        K 1 Reply Last reply Reply Quote 1
        • K
          kesaribabu @jimp
          last edited by

          @jimp thank you, I'll do it as per your advice.

          1 Reply Last reply Reply Quote 0
          • adamwA
            adamw
            last edited by

            I'm reviving this topic since most users should now be using OpenVPN v 2.5.0+.

            My pfSense+ v 23.05

            Has anything been implemented to facilitate daily digest reports of OpenVPN activity?

            Or maybe somebody put together a local script and a cronjob to do that and is willing to share?

            Logwatch on Debian does it nicely e.g. for SSH:

            --------------------- SSHD Begin ------------------------ 

Users logging in through sshd:
   user1:
      100.100.100.100 (100.100.100.100.example1.com): 1 Times
   user2:
      200.200.200.200 (pool-200-200-200-200.example2.com): 2 Times

**Unmatched Entries**
Accepted key RSA SHA256:16C1614BTTe/00F5kbD4DM59aNUpJ1vSVo+YQuqkWZE found at /etc/ssh/keys/user2.pub:1 : 2 Times
Accepted key RSA SHA256:fK15rjp7hNSuiOjZqDoekOpJYSkz0kIP57hmtduCTOI found at /etc/ssh/keys/user2.pub:1 : 4 Times
Read error from remote host 200.200.200.200 port 56326: Connection reset by peer : 1 Time
error: kex_exchange_identification: Connection closed by remote host : 288 Times

---------------------- SSHD End -------------------------
            adamwA 1 Reply Last reply Reply Quote 0
            • adamwA
              adamw @adamw
              last edited by adamw

              Any updates on this?

              I would imagine most OpenVPN users wanting such tool to be included.

              Personally I would really like to see daily statistics via email.

              Similar to Logwatch in Linux which is easy to install and configure.

              GertjanG marcelobeckmannM 2 Replies Last reply Reply Quote 0
              • GertjanG
                Gertjan @adamw
                last edited by

                @adamw said in OpenVPN Logs export on daily basis:

                Any updates on this?

                4 steps :

                2c013019-bcbd-492c-a05a-adadebf94da6-image.png

                This :

                Allows you to setup periodic e-mail reports containing command output, and log file contents

                looks like what you're asking for.

                Never used it myself.

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                1 Reply Last reply Reply Quote 0
                • marcelobeckmannM
                  marcelobeckmann @adamw
                  last edited by

                  @adamw If you export pfSense logs to a syslog server, you can start filtering information about connections and disconnections via:

                  grep -E 'Peer Connection Initiated|new connection by client|Inactivity timeout' openvpn.log

                  It's possible to make a shell script to parse the information to make a report and send by email.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.