Open sueess86 opened 3 years ago
The fields in Graylog look like they are missing.
I had this same issue of logs not showing up. What I did to fix it was to log into Graylog --> click on Streams --> click on the Manage Rules icon on the bottom for the pfSense stream. Change the stream rule setting from "A message must match all of the following rules" to "A message must match at least one of the following rules". Then you should start to see traffic maybe.
In case it helps, I had the same problem and my issue was that the Elasticsearch container was running in a different timezone from my pfSense server. If you add TZ= followed by the correct timezone data (according to https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) to the elasticsearch.env file, it seems to show data in the stream.
In fact, I added that to all the containers' environment files to make sure they were all running in the same timezone as my pfSense server.
The installation and configuration were done exactly according to the instructions. I see that the pfSense firewall sends the logs to Graylog. There I also get about 2 to 15 entries per second. Neither in the Graylog stream nor in Grafana do I see any recorded logs, let alone graphs. Is there a bug with the index template or content pack here?
I use pfSense Plus 21.05