Replies: 3 comments
-
|
Are you seeing any pfsense logs? How are you ingesting the pfsense logs? |
Beta Was this translation helpful? Give feedback.
-
|
I'm using the pfSense integration with my default so-grid-nodes_general policy. When I look at the dashboard Firewall - pfSense/OPNsense I see blocks and pass event.actions. I also see events under the authorization dashboard. On the pfSense firewall I am sending "everything" so I was expecting to see dhcp requests to the pfSense firewall from client machines. |
Beta Was this translation helpful? Give feedback.
-
|
Do you have a sample log? Looking at the integration pipeline its looking for |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Version
2.4.190
Installation Method
Security Onion ISO image
Description
configuration
Installation Type
Standalone
Location
on-prem with Internet access
Hardware Specs
Meets minimum requirements
CPU
8
RAM
16
Storage for /
200
Storage for /nsm
0
Network Traffic Collection
other (please provide detail below)
Network Traffic Speeds
Less than 1Gbps
Status
Yes, all services on all nodes are running OK
Salt Status
No, there are no failures
Logs
No, there are no additional clues
Detail
Hello,
Working on a lab setup and I am receiving block an pass events from my pfSense firewall (2.7.2-RELEASE), but I am not seeing DHCP release and renew messages from client vms attached to the pfSense fw. I can see the information being passed to SO in a packet capture, just nothing in dashboard or Kibana. Thoughts?
Guidelines
Beta Was this translation helpful? Give feedback.
All reactions