On 5/14/2014 2:16 PM, Travis Hansen wrote:
> Do you have some good grok patterns for indexing pfsense data?
>
> I started some a while back for this exact setup but gave up.

Keep an eye on the logs for pfSense 2.2. We ditched the native pflog tcpdump style output and changed to a single line comma-separated log output that should be fairly simple to parse by external utilities. The logs on 2.2 have some issues on amd64 yet, but work on i386 if you're looking to tinker right now.

Jim