Integrating pfsense with kibana
I have pfsense installed in VMWare workstation and I have my kibana server in base operating system which is Windows 10. I want to send pfsense logs to kibana for visualization. Anyone for rescue?
Raffi_ last edited by Raffi_
I only know if this project https://github.com/3ilson/pfelk, but it's for ubuntu, docker and such. I do have this working somewhat with pfsense using this site. The main thing I wanted was a better logging system and ELK is great for that. I could never get the nice geo maps working. I haven't had time to update it. This won't really help you on Windows, but it might give you some hints on where to look or maybe consider using something other than Windows 10 for a server environment. You might have a hard time finding any projects or doc for what you're trying to do on Windows, which I suspect since you're asking here. Since you can spin up VM's why not an ubuntu server VM for ELK? You can then follow this project which is getting updated frequently with new ELK releases.
@Raffi_ I have a dual boot system and I can run the same on ubuntu as well. I have visited the site you shared and it says Ubuntu server as pre-requisite. Will that run with Ubuntu 18.04?
Raffi_ last edited by
Yes, it will run on 18.04. I have the logging working with 18.04. I haven't been able to get the nice dashboards working with the latest 7.8 elk. However, that's mostly because I haven't spent the time. All the information is there. There are also youtube videos by this same project.
DaddyGo last edited by
kibana server ??????????
how about such a solution?
nice things were made in it and for pfSense:
bmeeks last edited by
Just an FYI related to Telegraf. The next release of the Suricata package will be 5.0.3 and will feature support for an EVE JSON Unix Socket to feed Suricata performance statistics to Telegraf.
Status >> System Logs >> Settings
Set the logging of things you want...
Remote Logserver = Kibana
On Kibana open up port 514 for accepting logs.