My Graylog Extractors for pfSense filterlogs
12 Apr 01:38
14 Oct 16:15
to rate this add-on.
Can anyone share Dashboard or Content Pack for pfsense 2.3 + Version ?
This regex looking for UDP packets: "condition_value": "^filterlog:\\s+.*,(in|out),4,.*,UDP,.*$" has incorrect case for "udp" The TCP extractor seems fine. You could change udp to U|uD|dP|p which will find udp, UDP and any other case combination. Note both v4 and v6 regexes are affected.
Saved me a bit of heavy lifting, many thanks.