Security Onion/ELSA updates for pfSense
The Security Onion project has published updates which include my pfSense 2.2 firewall log parsers. BBCan177 also made it possible to add custom ELSA queries to the menu.
I won't be surprised if your setup produces logs that the parsers I wrote don't cover; my setup is pretty minimal. I would be happy to write more patterns to cover cases I have not encountered; just send me a PM containing an example message that is not parsed.