[pfSense] Sending logs to external server
Now that I have the network stable (thank you so much!) I have another task I need/want to accomplish: Does anyone have recommendations or suggestions for off-loading log files at the end of the day to another server? Specifically I’m wanting the system log and the squid logs sent out and rotated afterwards. We’ve already managed to block one user who lives in close proximity for stealing internet (500MB of Youtube videos in less than 3 hours during a very busy time of day*) but I would like to set up something that crawls through the raw files automatically every night and report back via email. I can write the script to crawl the data - that’s not a problem - it’s just that the ALIX board is not powerful enough to handle the needs I have. Thanks again, Ryan * I still have a few stages to hit on the deployment but that user will eventually be unblocked. We had to rollback the throttling configuration while we were having stability issues. Right now we’re at 60 hours and counting and I plan to re-implement that limiter tomorrow morning. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Sending logs to external server
Please guide me how u do this on pfsense firewall . We've already managed to block one user who lives in close proximity for stealing internet (500MB of Youtube videos in less than 3 hours during a very busy time of day*) Thnx Mohan On Mar 25, 2014 12:14 AM, Ryan Coleman ryanjc...@me.com wrote: Now that I have the network stable (thank you so much!) I have another task I need/want to accomplish: Does anyone have recommendations or suggestions for off-loading log files at the end of the day to another server? Specifically I'm wanting the system log and the squid logs sent out and rotated afterwards. We've already managed to block one user who lives in close proximity for stealing internet (500MB of Youtube videos in less than 3 hours during a very busy time of day*) but I would like to set up something that crawls through the raw files automatically every night and report back via email. I can write the script to crawl the data - that's not a problem - it's just that the ALIX board is not powerful enough to handle the needs I have. Thanks again, Ryan * I still have a few stages to hit on the deployment but that user will eventually be unblocked. We had to rollback the throttling configuration while we were having stability issues. Right now we're at 60 hours and counting and I plan to re-implement that limiter tomorrow morning. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Sending logs to external server
From the status menu, select System Logs From the system logs page, click on Settings Scroll down to Remote logging Options Enable Remote logging For the remote Syslog Servers, enter the address of your syslog server (any Linux or FreeBSD server running a copy of syslog that will take outside logging). It will send all of the system logs to the syslog host. Note, squid is an application/package and its log files will not be included. Either the squid config will have to be changed, or you could try using rsync to copy the logs. Walter On Mon, Mar 24, 2014 at 12:13 PM, A Mohan Rao mohanra...@gmail.com wrote: Please guide me how u do this on pfsense firewall . We've already managed to block one user who lives in close proximity for stealing internet (500MB of Youtube videos in less than 3 hours during a very busy time of day*) Thnx Mohan On Mar 25, 2014 12:14 AM, Ryan Coleman ryanjc...@me.com wrote: Now that I have the network stable (thank you so much!) I have another task I need/want to accomplish: Does anyone have recommendations or suggestions for off-loading log files at the end of the day to another server? Specifically I'm wanting the system log and the squid logs sent out and rotated afterwards. We've already managed to block one user who lives in close proximity for stealing internet (500MB of Youtube videos in less than 3 hours during a very busy time of day*) but I would like to set up something that crawls through the raw files automatically every night and report back via email. I can write the script to crawl the data - that's not a problem - it's just that the ALIX board is not powerful enough to handle the needs I have. Thanks again, Ryan * I still have a few stages to hit on the deployment but that user will eventually be unblocked. We had to rollback the throttling configuration while we were having stability issues. Right now we're at 60 hours and counting and I plan to re-implement that limiter tomorrow morning. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Sending logs to external server
This may also help: https://forum.pfsense.org/index.php?topic=68762.0 Jopoy On Mar 24, 2014, at 8:22 AM, Walter Parker walt...@gmail.com wrote: From the status menu, select System Logs From the system logs page, click on Settings Scroll down to Remote logging Options Enable Remote logging For the remote Syslog Servers, enter the address of your syslog server (any Linux or FreeBSD server running a copy of syslog that will take outside logging). It will send all of the system logs to the syslog host. Note, squid is an application/package and its log files will not be included. Either the squid config will have to be changed, or you could try using rsync to copy the logs. Walter On Mon, Mar 24, 2014 at 12:13 PM, A Mohan Rao mohanra...@gmail.com wrote: Please guide me how u do this on pfsense firewall . We’ve already managed to block one user who lives in close proximity for stealing internet (500MB of Youtube videos in less than 3 hours during a very busy time of day*) Thnx Mohan On Mar 25, 2014 12:14 AM, Ryan Coleman ryanjc...@me.com wrote: Now that I have the network stable (thank you so much!) I have another task I need/want to accomplish: Does anyone have recommendations or suggestions for off-loading log files at the end of the day to another server? Specifically I’m wanting the system log and the squid logs sent out and rotated afterwards. We’ve already managed to block one user who lives in close proximity for stealing internet (500MB of Youtube videos in less than 3 hours during a very busy time of day*) but I would like to set up something that crawls through the raw files automatically every night and report back via email. I can write the script to crawl the data - that’s not a problem - it’s just that the ALIX board is not powerful enough to handle the needs I have. Thanks again, Ryan * I still have a few stages to hit on the deployment but that user will eventually be unblocked. We had to rollback the throttling configuration while we were having stability issues. Right now we’re at 60 hours and counting and I plan to re-implement that limiter tomorrow morning. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
