OpenVPN (pfSense) + Graylog + Grafana?
-
Anyone have had any chance to tinker with OpenVPN + Graylog?
I was able to to Parse logs to Graylog and Graph them using Grafana for separate pfsense boxes of squid, pfsense firewall logs, and snort.
However I'm having a hard time doing so with OpenVPN as its logs are separate already and it is rather sending per line and not as similar to the other package logs were they are a sent as a whole message that you need to parse using regex, JSON extractor or grok patterns. Also, if it is possible, if we can get bandwidth in/out as logs, I can only see them on the realtime status page of Openvpn (Status > OpenVPN), but does not logged it on it's syslogs which being sent to logs server.
right now I am very limited to parsing RADIUS/NPS which the Openvpn authenticates to, it is very limited since it only logs timestamps and AD username, and a bunch of useless stuff(for me), unlike the openvpn logs, where you can get the users connecting Public IP and assigned internal IP and bandwidth.
Appreciate any of your feedback please.
Thanks!
-
bump
-
bump