I’m seeing a lot of extractors for pfSense on Graylog. It looks like Tom’s GitHub is for an older version of pfSense? This seems to be the most current one I’ve found. Does anyone have a better one?
I need to update my GitHub, but in the meantime I have my updated ones here:
Thanks @LTS_Tom. We need to merge these. I like the way BSD shows up within PF system log viewer better than syslog. So I’d prefer your method. This syslog-based extractor covers a bunch of things. It would be nice to have your filters for all of them. I’ll see about converting them. I’m not a regex wizard though.