Can anyone point me in the direction of a working pfsense extractor?
pfsense - 22.05
Graylog - 4.2.13
Thank you!
Hello,
Did you see this?
I saw and installed those first. I currently have them as extractors in my pfsense input. Unfortunately, when I search the pfsense stream, the logs are still unparsed.
Hello,
If the extractors are not working as it should, I would hit up the person that created it. He/she would know better on what going on with that. I haven’t used those extractors, I prefer to make my own.
Or if you show/give more details on what going on perhaps someone here might help out, just a thought.
EDIT: Another thing you could do is test those extractors. If there showing up on the pfSense input → Click edit on one of the extractors and see if it creates the field/s. There is actually a couple ways you can test those, either click on the message drop down, copy the index & message ID, or the suggestion I stated above.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.