Hi there,
I'm currently setting up the ELK suite with pfSense. I will use the pfSense UI to redirect the log to the server where ELK will be installed. My question is, where will the raw logs of pfSense will be stored? I need to keep them somewhere but I don't know what will happen to them if I send them in the server through the Logstash port.
Once an event hits LS it is altered, we add things like the timestamp and change it to json (by default).
So neither LS or ES store the raw logs.
Is there a way to store the logs and then send the to Logstash?
Most likely, I don't know what that would look like as I don't know how pfsense logs.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.