Logging: Install ELK on pfsense?



  • Hi, I want to install the ELK stack on my pfsense. How can I do it? I read some tutorials, but they use an external server with remote syslog, and I want to do it in pfsense.

    Are there any other alternatives for log management with pfsense?

    Thanks!


  • Banned

    The only "alternative" is syslog-ng. This is a router/firewall, not a log management appliance. Would suggest moving efforts elsewhere.



  • OK, maybe I buy a "proxmox server" or just a raspberry pi. Expensive vs Cheap.

    Thanks!



  • OK, maybe I buy a "proxmox server" or just a raspberry pi. Expensive vs Cheap.

    How many switches, routers and firewalls are in your network?
    How great is the network load from the log files? This can be really different between smaller and larger networks.

    So an Intel NUC can be too small if your network comes with switch stacks and many routers away.
    And if you only own one pfSense and one switch, a smaller server will be really too great!



  • I have a small/home network. So a Raspberry Pi is enough just for collecting logs. But I'm thinking of setting up a virtual server (proxmox), and I could use a virtual machine for logs. I would also like to install on that virtual server: kali linux, honeypots, web servers, etc. I have to start saving!  :)

    Thanks.