3. PfBlocker log format

PfBlocker log format

  • B

    Hi All,

    I have pfBlocker 1.0.2 on pfSense 2.1.5 (haven't made the 2.2 upgrade yet). I also recently started exporting my logs to a server running ELSA. However I've noticed that the blocked packet logs are rather useless (see screenshot). They state a rule number that was blocked, but no text. So I still have to go to my pf page to check what happened.

    SO, does anyone know if the new version of pfBlocker adds more useful logs with text strings? And if not, would it be possible to somehow make the logging format customizeable? A hack on my end or a feature request?

    0
  • D
    Banned

    pfBlocker does not log anything. It creates firewall rules. Logging and its format is core pf. And no, there is no decription text in pfSense 2.2.x either. If you want description, stop using raw logs.

    0
  • Moderator

    Yes unfortunately, pfSense Syslogs do not contain the "Description" field in its output. I know that user "fearnothing" has written a parser (pfsense 2.2) for ELSA. Its available here:

    https://groups.google.com/forum/#!topic/security-onion/P4oALAvH-Ek

    0
  • B

    Thank you BBcan! I'll look into that this weekend. I appreciate the helpful answer :)

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy