devopstales / devopstales.github.io


https://devopstales.github.io/linux/graylog4-pfsense/ #9

Open utterances-bot opened 2 years ago

utterances-bot commented 2 years ago

Analyzing PFsense logs in Graylog4 - devopstales

https://devopstales.github.io/linux/graylog4-pfsense/

jchisholm59 commented 2 years ago

You lost me at

"In Cerebro we stand on top of the pfsense index and unfold the options and select delete index."

Does that not remove all the work we just did ?!?

devopstales commented 2 years ago

Hi @jchisholm59

We modified the template for the index. So we need to delete the index so it can be created with the new template at Elasticsearch restart.

NasKar2 commented 2 years ago

Thanks for this document. I've been trying for 1 week to get this working based on old YouTube videos with older versions of the software. I'm now on Graylog 4.2 and Elasticsearch 7.10.2. Firewall was preventing any input initially but that is now fixed. I believe I'm getting close but don't understand why all the graphs are not populating. Any thoughts on what to check? https://imgur.com/a/MzA4wI4

devopstales commented 2 years ago

Hi @NasKar2. It is a typical problem with the timezone. There is a part at the Import content pack step where I configure it to convert the date time, in my case to Europe/Budapest.

NasKar2 commented 2 years ago

Thanks for the reply. The only thing I found is in pipeline/timestamp_pfsense_for_grafana. I changed it to America/New_York from your Europe/Budapest. Is there another time zone to change?

NasKar2 commented 2 years ago

Looks like I got most of the graphs working by editing the graph to use real_timestamp. Not sure what the correct settings are for "Top ip Block by All".
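Added illustration of the timezone problem discussed in this thread (my own example, not code from the devopstales post or from Graylog). pfSense emits BSD-syslog timestamps such as `Mar  5 14:23:01`: firewall wall-clock time with no year and no UTC offset. If Graylog stores those digits as if they were UTC, every event lands hours away from when it happened and drops out of a "last 5 minutes" widget, which is exactly why the graphs stay empty until the pipeline rule re-parses the time in the firewall's real zone (the timezone argument of Graylog's `parse_date`). The sample log line and the year are constructed; the field name `real_timestamp` is taken from the thread; the code assumes Python 3.9+ for `zoneinfo`.

```python
"""
Why a wrong timezone leaves pfSense dashboards in Graylog empty.

Models what a pipeline rule like timestamp_pfsense_for_grafana compensates for:
the wall-clock time pfSense sends must be interpreted in the firewall's own
IANA zone before it becomes a UTC instant in real_timestamp.
"""
from datetime import datetime, timedelta, timezone
from zoneinfo import ZoneInfo

# Constructed sample line in pfSense/BSD syslog format (not a real capture).
SAMPLE_LINE = ("Mar  5 14:23:01 pfSense filterlog[12345]: "
               "5,,,1000000103,igb0,match,block,in,4")

# BSD syslog carries no year; the collector has to supply one. Constructed here.
ASSUMED_YEAR = 2023


def wall_clock(line: str, year: int = ASSUMED_YEAR) -> datetime:
    """Parse the 15-character BSD-syslog timestamp at the start of a line (naive)."""
    stamp = line[:15]  # e.g. "Mar  5 14:23:01"; strptime tolerates the double space
    return datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")


def real_timestamp(line: str, firewall_tz: str, year: int = ASSUMED_YEAR) -> datetime:
    """The value the pipeline rule should store: the wall-clock time read in the
    firewall's IANA zone (DST included) and converted to a UTC instant."""
    local = wall_clock(line, year).replace(tzinfo=ZoneInfo(firewall_tz))
    return local.astimezone(timezone.utc)


def misread_as_utc(line: str, year: int = ASSUMED_YEAR) -> datetime:
    """The wrong result: the same digits stamped as UTC with no conversion."""
    return wall_clock(line, year).replace(tzinfo=timezone.utc)


def displacement_hours(line: str, firewall_tz: str, year: int = ASSUMED_YEAR) -> float:
    """How far the event moves when the zone is ignored
    (negative = shown in the past, positive = shown in the future)."""
    delta = misread_as_utc(line, year) - real_timestamp(line, firewall_tz, year)
    return delta.total_seconds() / 3600


def in_window(event_utc: datetime, now_utc: datetime, minutes: int = 5) -> bool:
    """Would a 'last N minutes' dashboard query include this event?"""
    return now_utc - timedelta(minutes=minutes) <= event_utc <= now_utc


if __name__ == "__main__":
    for tz in ("America/New_York", "Europe/Budapest"):
        good = real_timestamp(SAMPLE_LINE, tz)
        bad = misread_as_utc(SAMPLE_LINE)
        now = good + timedelta(minutes=2)  # dashboard refreshed shortly after the event
        print(f"{tz:18} real_timestamp={good.isoformat()} "
              f"shift={displacement_hours(SAMPLE_LINE, tz):+.0f}h "
              f"in_window(real)={in_window(good, now)} "
              f"in_window(misread)={in_window(bad, now)}")
```

With the constructed date (5 March 2023, before either zone switches to summer time) the New York reading is five hours off and the Budapest reading one hour off, and in both cases the misread event misses the window while the converted one is found; changing the zone string is the only knob, which is why the pipeline rule's timezone must match the firewall, not the Graylog host.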