
How to read the logs from my pfsense and get alerts based on the logs?

Norvik-IT
New Member

Guys, it's my first time here. I need to read the logs from my pfSense and get alerts based on the logs. Any help on how I can achieve this is welcome. Thanks in advance.


richgalloway
SplunkTrust

Welcome to Splunk Answers!

There are a few add-ons in Splunkbase for pfSense (https://splunkbase.splunk.com/apps?keyword=pfsense). Have you tried any of them?  What else have you tried?

After you have your data in Splunk you can work on creating an alert.  That's just a matter of searching your data for the alert condition and then selecting Save As->Alert.  You may need to set up SMTP in your Splunk search head if it's not set up already.

---
If this reply helps you, Karma would be appreciated.
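
The "search, then Save As->Alert" step described in the reply above, written out as the savedsearches.conf stanza such an alert corresponds to. This is an added example, not part of the original thread or of any pfSense add-on. The index, sourcetype, threshold, schedule and mail address are assumptions, and the rex assumes pfSense's raw comma-separated filterlog line for IPv4 TCP/UDP; if an add-on already extracts these fields, use its field names instead.

```ini
# savedsearches.conf on the search head (added example; names are assumptions)
[pfSense - repeated inbound blocks from one source]
# Assumed: pfSense syslog is indexed as index=network sourcetype=pfsense:filterlog.
# Replace both with whatever your input or add-on actually assigns.
# The rex walks the filterlog CSV by position:
#   field 5 = interface, 7 = action, 8 = direction, 9 = IP version,
#   17 = protocol name, 19/20 = source/destination IP, 21/22 = ports.
search = index=network sourcetype=pfsense:filterlog "filterlog" \
| rex "filterlog(?:\[\d+\])?:\s+(?:[^,]*,){4}(?<iface>[^,]*),[^,]*,(?<action>[^,]*),(?<direction>[^,]*),(?<ipver>4),(?:[^,]*,){7}(?<proto>tcp|udp),[^,]*,(?<src_ip>[^,]*),(?<dest_ip>[^,]*),(?<src_port>\d*),(?<dest_port>\d*)" \
| where action="block" AND direction="in" \
| stats count AS blocks dc(dest_port) AS distinct_ports values(proto) AS protos BY src_ip iface \
| where blocks > 100

# Look at the last 15 minutes, every 15 minutes.
dispatch.earliest_time = -15m
dispatch.latest_time = now
enableSched = 1
cron_schedule = */15 * * * *

# Trigger when the search returns at least one row (one row per noisy source).
counttype = number of events
relation = greater than
quantity = 0

# One alert per result, and do not re-alert on the same source for an hour.
alert.digest_mode = 0
alert.suppress = 1
alert.suppress.fields = src_ip
alert.suppress.period = 1h
alert.track = 1
alert.severity = 4

# Email action; requires SMTP to be configured on the search head.
action.email = 1
action.email.to = secops@example.com
action.email.subject = pfSense: $result.src_ip$ blocked $result.blocks$ times on $result.iface$
```

Run the search part on its own first to confirm the extraction matches your events and to pick a threshold that fits your normal volume of blocked traffic.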