New to Graylog. I configured the VM and started sending my pfSense logs. I then found a link to the extractors in the Marketplace, but they do not appear to be working.
I’m running pfSense v2.3.4 and Graylog v2.2.3.
I see some links to other extractors when doing a Google search, but only the link above exists in the Marketplace. Looking for tips to get this working.
I’ll have to take a further look. After filtering to view all logs from source filterlog: in real time, I can see that some are being parsed correctly and some are not.
So far Graylog looks promising as a syslog solution for pfSense. I need to take the time to read the documentation more thoroughly and find some good tutorials.
@jan - I fixed the regex used for udp to lowercase as per one of the issues and it appears to have fixed part of my problem. There are still a few events coming through that are not parsing correctly. I’ll have to take a look at those next. - Thx