Blumira and Netgate/pfSense

We are testing out Blumira and seriously considering adding it to our security stack. I believe Blumira is working on a firewall parser for pfSense (future integration) … however it is currently not available. Just curious if anyone is currently capturing pfSense logs into Blumira in a useful way?

So far, our testing shows the false positives to be very low, which is fantastic. Reminds me of Huntress :wink:

Mark

I will bug them again about officially finishing the pfSense integration; I think it’s still their most requested one.

So like Tom said, there isn’t an official parser for it yet, but it is possible to get the logs in a generic format if you need to. You can reach out to Blumira and they can create a report that will essentially give you a timestamp and a “message” column, which will contain the entire string from pfSense. Not the best, but can be useful if you need to do some forensics.

Thanks Frank. We have also submitted an integration request for pfSense here:
https://portal.productboard.com/blumira/1-blumira-product-portal/c/16-additional-integrations
(selecting the importance at the bottom)

Fingers crossed Blumira releases something soon.

I am curious if a pfSense integration would include Suricata and/or Snort log monitoring, i.e. through Detection Rules, or if something more would be required.
Cheers,
Mark

I’ve been wondering the same about Snort/Suricata, but figure I’ll take it one step at a time and not bombard them :slight_smile:. I will say I’ve been extremely happy with their support the times I have reached out though.