Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 2,647 Commits
.github/ISSUE_TEMPLATE		.github/ISSUE_TEMPLATE
Images		Images
etc/pfelk		etc/pfelk
install		install
.env		.env
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
PULL_REQUEST_TEMPLATE.md		PULL_REQUEST_TEMPLATE.md
README.md		README.md
_config.yml		_config.yml
changelog		changelog
docker-compose.(single cluster unstable)		docker-compose.(single cluster unstable)
docker-compose.yml		docker-compose.yml
license		license

Repository files navigation

Elastic Integration

https://docs.elastic.co/en/integrations/pfsense

pfSense/OPNsense + Elastic Stack

Prerequisites

Ubuntu Server v20.04+ or Debian Server 11+ (stretch and buster tested)
pfSense v2.5.0+ or OPNsense 23.0+
Minimum of 8GB of RAM (Docker requires more) and recommend 32GB (WiKi Reference)
Setting up remote logging (WiKi Reference)

pfelk is a highly customizableopen-source tool for ingesting and visualizing your firewall traffic with the full power of Elasticsearch, Logstash and Kibana.

Key features:

ingest andenrich your pfSense/OPNsensefirewall traffic logs by leveragingLogstash
search your indexed data innear-real-time with the full power of theElasticsearch
visualize you network traffic with interactive dashboards, Maps, graphs inKibana

Supported entries include:

pfSense/OPNSense setups
TCP/UDP/ICMP protocols
KEA-DHCP (v4/v6) message types with dashboard - in development
DHCP (v4/v6) message types with dashboard - depreciated
IPv4/IPv6 mapping
pfSense CARP data
openVPN with dashboard
Unbound DNS Resolver with dashboard and Kibana SIEM compliance
Suricata IDS with dashboard and Kibana SIEM compliance
Snort IDS with dashboard and Kibana SIEM compliance
Squid with dashboard and Kibana SIEM compliance
HAProxy with dashboard
Captive Portal with dashboard
NGINX with dashboard

pfelk aims to replace the vanilla pfSense/OPNsense web UI with extended search and visualization features. You can deploy this solution viaansible-playbook,docker-compose,bash script, or manually.

pfelk overview

Quick start

Installation

docker-compose

Manual Method orScripted Installed - Scripted Method Coming Soon
$ docker-compose up
Guide (Update Coming Soon

script installation method

Download installer script frompfelk repository
$ wget https://raw.githubusercontent.com/pfelk/pfelk/main/etc/pfelk/scripts/pfelk-installer.sh
Make script executable
$ chmod +x pfelk-installer.sh
Run installer script
$ sudo ./pfelk-installer.sh
Configure Securityhere
Templateshere
Finish Configuringhere
Guide

manual installation method

Roadmap

This is the experimental public roadmap for the pfelk project.

See the roadmap »

Comparison to similar solutions

Comparisions »

Contributing

Please reference to theCONTRIBUTING file. Collectively we can enhance and improve this product. Issues, feature requests, PRs, and documentation contributions are encouraged and welcomed!