1. Home
  2. pfSense® Software
  3. General pfSense Questions
  4. Notification on events

Notification on events

  • S

    Hi,

    I would like to receive notifications on events, such as user login, cpu and memory hog and so on.
    I've set up email notifications.
    When may I select events to be notified about?

    I'm using pfSense 2.4.5 p1

    Thanks

    0 Gertjan 1 Reply
  • Gertjan

    @sandman42 said in Notification on events:

    When may I select events to be notified about?

    When such a functionality is implemented, which isn't the case right now.
    There are a few events that are signalled - these are hard-coded, like the update done, a reboot, and several NUT/UPS notification.

    Way back, I asked myself the same question, and implemented this - it's a good old Munin, which permit to set thresholds, warnings and error conditions, and it can be set to send mails.
    Munin needs a internal or external web server, a client part on pfSense, to be set up on pfSense (it's not a pfSense package) and a remote part - the "server".

    Btw : as you can see, memory usage of a firewall/router is rather non relevant, as it's doing always the same thing all the time. Users aren't login, except the admin. I do have users logging in, but these are captive portal users - not really pfSense resources when they log in.

    Not much is happing on a firewall. When set up initially, you should consult follow the logs the first days / weeks / months. When things are stable, you could check up some what less, let's say ones a week.
    When you upgrade something, this procedure should be repeated : check regularly. And do what I do : read the graph stats which also can show a lot over time.

    0
  • S

    Hello!

    The Munin program looks nice!

    The pfsense mailreport package lets you build and schedule custom reports.

    There are also scripts that you can use to hand-roll your own email notifications, like:

    clog /var/log/system.log | grep -iE 'successful login | logged out | authentication error' | php /usr/local/bin/mail.php -s="My login report"

    or

    php /etc/rc.notify_message -em "Test notification"

    I think there are also lots of siem tools out there that will do what you want.

    John

    0
  • S

    Thanks for the answer Gertjan

    I'll have a look at it

    Ciao

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy