PfSense and Splunk
-
Hi! I found this article (https://hurricanelabs.com/blog/pfsense-logs-splunk/) that explains how to configure pfSense to submit logs to a Splunk server. This article considers version 2.1.5 of pfSense (in point 1: Go to Diagnostics -> Edit File, open file /etc/inc/filter.inc). How can I configure the same on pfSense 2.2 (I do not find the line "if($retval != 0) mwexec_bg("/usr/sbin/{$tcpdump_cmd} | logger -t pf -p local0.info");" in this version)? Thank you.