pfelk

pfSense + ELK

View the Project on GitHub

Welcome to (pfSense/OPNsense) + Elastic Stack

pfelk dashboard

You can view installation guide guide on 3ilson.org YouTube Channel.

Version badge Travis (.org) Travis (.org) Gitter

Prerequisites

Table of Contents

Background

pfELK was created in 2016 after spending hours researching firewall visualization. After stumbling across Elasticstack (formerly known as ELK stack) with weeks of troubleshooting and research. The process was refined and shared to aid others in leveraging the awesome power of Elasticsearch through the visualization of firewall events.

pfELK is comprised of Java, Elasticstack, and a number of dependencies. Your firewall logs are parsed through various patterns simplifying firewall log analysis. Currently, pfSense and OPNsense are supported with extensive testing.

Install

Please forgive our progress as we modernize the installation process. There are currently three installation options as we seek to automate the installation process.

Usage

Once pfELK is running, point your browser to “http://pfELK’s-IP:5601” to access the Kibana interface.

Contribute

Please reference to the CONTRIBUTING.md. Collectively we can enhance and improve this product. Issues, feature requests, pulls, and documentation contributions in are encouraged and welcomed!

License

This project is licensed under the terms of the Apache 2.0 open source license. Please refer to LICENSE for the full terms.