Some logs is missing



  • OS:2.1.2 i386

    Local system logs are normal,
    But the record is not complete remote logs(traffic,DHCP request,portal Auth all some logs missing,The most severe portal)

    etc CP logs:
    13:07 > 5 user login,but syslog only 1 user
    13:05 > 5 user  login,but syslog only 1 user


  • Netgate Administrator

    So just to clarify, the problem here is that not all log entries are being passed to an external syslog server?

    Are you running a NanoBSD install?

    Steve



  • installation process:
    pf 2.1.2 Live CD->use(99) option install to CF(axiomtek NA-710)

    version:
    2.1.2-RELEASE (i386)
    built on Thu Apr 10 05:23:31 EDT 2014
    FreeBSD 8.3-RELEASE-p15

    Because there is the issue of information security audit,found that some records are missing.Try to downgrade 2.0.3, the problem remains.

    My friend's pfsense devices have the same problem,installed in the HP Server.



  • Not forgetting that, normally, syslog runs on UDP.  If anything is corrupted it will be just discarded.  Have you checked for errors on the network between machines?

    Edit:  Or maybe run a packet capture to see if pfSense is actually sending them?