Hello Community,
I have a question regarding OPNsense logging. I'm currently referencing two documents from the "Kali Purple SOC-IAB - Overview":
My current issue is that I want to log my lighttpd logs. I can see the UDP packets being sent from the OPNsense interface, and I can also monitor these packets using Wireshark on Kali Purple and see the data.
However, the problem arises when I search for logs in Discover with logs-* data_stream.dataset : "pfsense.log", as I cannot see the packets I need.
Could anyone provide any suggestions or point out any specific settings I might have missed? Thank you all for your help.