
This should expose the following services externally:

| Service | Description |
|---|---|
| (name not recoverable) | Configure data ingestion and extractors for log information |
| (name not recoverable) | Default Elastic data exploration tool |

To rebuild and start only the Graylog container without touching its dependencies:

```
sudo docker-compose up -d --no-deps --build graylog
```
# pfSense ntopng configuration install
Please install docker, docker-compose and git as basic prerequisites. Since this stack runs Elasticsearch 7, a few GB of RAM will be required. This walkthrough was made on a fresh install of Ubuntu 18.04 Bionic but should work flawlessly on any Debian-like Linux distribution; it should work hassle-free on any current Linux that has docker and docker-compose.

Optionally, Suricata/Snort logs can be pushed to Elasticsearch. Graylog has ready-made extractors for this, but that is not yet covered in this documentation. The whole metric approach is split into several subtopics. If it's easier for you, you can find a video guide here: (still the guide for GL3/ES6; a new one will follow some day).

This doc has been tested with the following versions: (component/version table not present on this page). I don't include any directions for upgrading GL3/ES6 to GL4/ES7. I have recently updated the whole stack to Graylog 4, Elasticsearch 7 and Grafana 7. Thanks as well to MatthewJSalerno for streamlining the Graylog provisioning process.

This project aims to give you better insight into what's going on on your pfSense firewall. It's based on some heavy lifting already done by devopstales and opc40772. Since that was still a bit clumsy and outdated, I wrapped some docker-compose glue around it to make it a little easier to get up and running.
