The openVPN log extract for TA-pfsense version 1.1 was not working for my pfsense 2.1.5 which runs openvpn 2.3.3. The src ip and usernames are not being extracted properly.
I was able to resolve this issue by modifying the transforms in the TA-pfsense app. The problem with the usernames was with the field transform pfsense_syslog_user_subject_04. It was not able to handle the '.' in the username format we use. The problem with the src ip was a missing space. Below are my regex changes.
openvpn: user \'(.*?)\' authenticated
openvpn.* (\d+\.\d+\.\d+\.\d+):(\d+)
I was able to resolve this issue by modifying the transforms in the TA-pfsense app. The problem with the usernames was with the field transform pfsense_syslog_user_subject_04. It was not able to handle the '.' in the username format we use. The problem with the src ip was a missing space. Below are my regex changes.
openvpn: user \'(.*?)\' authenticated
openvpn.* (\d+\.\d+\.\d+\.\d+):(\d+)
Will fix it in a future release...