Activity Monitor in Firewall
-
Hello everyone, I would like to know if there is an addon to see the activity of the firewall as if it were a watchguard firewall to give an example, something that shows live or in a monitor of the blockages or the general activity of the FW. Thank you...
-
Hi,
Do you mean, something like that?
https://forum.netgate.com/topic/152132/grafana-dashboard-using-telegraf-with-additional-plugins
https://github.com/VictorRobellini/pfSense-Dashboard -
Thanks for the answer, it seems to me a very complete solution, but it does not say in the description that it does a monitoring of the firewall:
What's Monitored
Active Users
Uptime
Total CPU Load
Disk Utilization
Memory utilization
CPU Utilization per core (Single Graph)
Ram Utilization time graph
Load Average
Load Average Graph
CPU and ACPI Temperature Sensors
pfBlocker IP Stats
pfBlocker DNS Stats
Gateway Response time - dpinger
List of interfaces with IP, MAC, Status and pfSesnse labels thanks to / u / trumee
WAN Statistics - Traffic & Throughput (Identified by dashboard variable)
LAN Statistics - Traffic & Throughput (Identified by dashboard variable)
Unbound stats - Plugin and config included and working but not implemented -
@kapvcop said in Activity Monitor in Firewall:
but it does not say in the description that it does a monitoring of the firewall
This is basic NGFW itself and its details, but you can add sensors to observe on your own.
This is not fixed.
-
@DaddyGo Thanks, where can i find the complements?
-
All parameters (sensor) that Telegraf can send to the database (Influxdb) chances... are Grafana can display it.
These will have to be set up on the Grafana surface with a lot of work and experimentation.There are plenty of Grafana fans, please look at their work and descriptions to set a parameter to monitor.
https://community.grafana.com/
https://grafana.com/grafana/dashboards/9806
https://github.com/grafana/grafana
https://www.reddit.com/r/grafana/and etc.
-
@DaddyGo Thanks a lot!
-
What exactly are you looking to "monitor" all of the stuff you listed can be "monitored" via the gui and either the firewall log, or the monitoring tab and picking the graph you want to look at.
I could understand if you had a central monitoring solution for all your other devices, and you wanted to add pfsense. But what exactly are you looking for that you can not find right in the gui for info on what the firewall is doing? And what its cpu and ram and temp and throughput is right there already in the gui..
But sure if you want it all in a fancy dashboard, that can be done with 3rd party tools.
-
@johnpoz thanks for yours words...
Hi, what's up? First, I don't understand them when they tell me these things, I'm betting my trust in Pfsense, which seems to me a reasonable product and yes, I hope for many things that I've already found ...About monitoring, I wait more to take the best decisions at the moment, I am not interested in seeing how much memory is left or the CPU load, although it is true that it is important I would like to have a better view of the activity of the Firewall, for example, what is blocking live what is passing through it for example.
I need to have at all times a clear view of the traffic that is happening, refusing or trying to pass, for this a good tool would be good even if it is from third parties. That is what I hope the product can offer me, and if it is from third parties, well welcome, I insist I am betting on Pfsense, everything that it can do and the power it has seems very good to me, I just hope I can improve the monitoring of the Firewall.
Thank you very much and I hope you know how to understand me. -
@kapvcop said in Activity Monitor in Firewall:
what is blocking live what is passing through it
Look that the firewall log then. It doesn't log what it allows normally - but you can set.. Or look at the state table ;)
Send it to a syslog if you want it some other tool.
-
@kapvcop "I need to have at all times a clear view of the traffic that is happening,"
you want more than a "sysadmin" task... (with logs) ???, !!!
@johnpoz, from an IT standpoint, give you a chance...
everyone can and will do it.....read dry log files...clearly define what you want to see.....
(I say only, because a firewall can do more than you think)
