-
I have attempted to manually set up pfELK. I have installed Elasticsearch, Logstash and Kibana. On my pfSense instance, I have sent the logs to my Elasticsearch IP and port 5140. On my Elasticsearch in…
-
Only getting 27 Fields when creating the pf-* index, seems like there should be more. No source.port, source.IP and many others. Used the script install on fresh Ubuntu Server 20.0. No other custom co…
-
I've tried everything that I can think of, but for some reason I cannot get Logstash to listen on port 5140. I have run "sudo netstat -tulpn | grep LIST*" and do not see it listening on any TCP or UDP…
-
Hi! I have tried installing using the script and manually and each time I get the same results. I am on Ubuntu 20.04 and all services are started. I cannot get any data to ingest from pfsense 2.4.5. A…
-
Thanks for this awesome stack. I've set this up and I have configured the 50-output.conf to send the data to an Azure Log Analytics workspace.
Currently I am sending pf_message to Azure which gives…
-
**Describe the bug**
Sounds similar to issue 3ilson/pfelk#118
**To Reproduce**
Steps to reproduce the behavior:
1. install Ubuntu 18
2. install pfElk via ansible
3. access Kibana frontend
4.…
-
Here is the feature request for the Squid-Proxy Logs as discussed :)
My config and logs are generated under OPNsense 20.7.1
Here is a part of the squid config. I use my own CA for certificates on …
-
@a3ilson I followed your installation guide to the end, but when I try to create index pattern pf-*
I get a response "your index pattern does not match any indices" but you have 1 index which look s…
-
Hi, I have configured PFElk to receive logs via syslog, but it only works locally. When I do the configuration for my PFSense, PFElk doesn't return any logs.
-
I have the same issue with the pf-* pattern.
I did the manual install first, didn't work. Deleted all files and configs and used the script.
Still having the same issue.
Firewall System (please co…