Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Notification on events

    General pfSense Questions
    3
    4
    245
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sandman42 last edited by

      Hi,

      I would like to receive notifications on events, such as user login, cpu and memory hog and so on.
      I've set up email notifications.
      When may I select events to be notified about?

      I'm using pfSense 2.4.5 p1

      Thanks

      Gertjan 1 Reply Last reply Reply Quote 0
      • Gertjan
        Gertjan @sandman42 last edited by

        @sandman42 said in Notification on events:

        When may I select events to be notified about?

        When such a functionality is implemented, which isn't the case right now.
        There are a few events that are signalled - these are hard-coded, like the update done, a reboot, and several NUT/UPS notification.

        Way back, I asked myself the same question, and implemented this - it's a good old Munin, which permit to set thresholds, warnings and error conditions, and it can be set to send mails.
        Munin needs a internal or external web server, a client part on pfSense, to be set up on pfSense (it's not a pfSense package) and a remote part - the "server".

        Btw : as you can see, memory usage of a firewall/router is rather non relevant, as it's doing always the same thing all the time. Users aren't login, except the admin. I do have users logging in, but these are captive portal users - not really pfSense resources when they log in.

        Not much is happing on a firewall. When set up initially, you should consult follow the logs the first days / weeks / months. When things are stable, you could check up some what less, let's say ones a week.
        When you upgrade something, this procedure should be repeated : check regularly. And do what I do : read the graph stats which also can show a lot over time.

        No "help me" PM's please. Use the forum.

        1 Reply Last reply Reply Quote 0
        • S
          serbus last edited by

          Hello!

          The Munin program looks nice!

          The pfsense mailreport package lets you build and schedule custom reports.

          There are also scripts that you can use to hand-roll your own email notifications, like:

          clog /var/log/system.log | grep -iE 'successful login | logged out | authentication error' | php /usr/local/bin/mail.php -s="My login report"

          or

          php /etc/rc.notify_message -em "Test notification"

          I think there are also lots of siem tools out there that will do what you want.

          John

          Lex parsimoniae

          1 Reply Last reply Reply Quote 0
          • S
            sandman42 last edited by

            Thanks for the answer Gertjan

            I'll have a look at it

            Ciao

            1 Reply Last reply Reply Quote 0
            • First post
              Last post