OPNSense Extractors

dscryber · March 24, 2022, 4:38pm

@IRQ10

Extractors for Graylog to parse OPNsense firewall logs. Should be able to parse most all IPv4/IPv6, ICMP, UDP, & TCP messages.

6/21/18 Update to IPv6 ICMP. OPNsense sends “ICMPv6”, remove case insensitive regex for better processing when under heavy load.
8/13/19 Update to support OPNsense message format change.+
6/26/21 Update - Removed some ICMP extractors. Updated to new OPNsense log message format.
12/2/21 Update - Fixed incorrect CSV headers. Removed OPNsense-Unbound_Extractor.

Topic		Replies	Views
Graylog pfSense Extractors Other Solutions other_solutions	0	886	March 24, 2022
Thorough extractors for pfsense filter logs Other Solutions other_solutions	1	3095	March 13, 2023
Extractor using CSV converter for space delimited messages? Graylog Central (peer support)	6	3593	December 24, 2018
Extractor works in test but not on message Graylog Central (peer support)	6	865	March 3, 2019
Cisco ASA Extractors for Graylog Other Solutions other_solutions	0	1241	March 15, 2022