pfSense
Chronicle supports ingesting pfSense telemetry logs to help visualize network traffic for and surrounding alerts
Chronicle Data Types
- DHCP
- DNS
- Firewall
Configuration
Reference: https://docs.netgate.com/pfsense/en/latest/monitoring/copying-logs-to-a-remote-host-with-syslog.html
- Click Status > System Logs
- Click the Settings tab
- Check Enable syslog’ing to remote syslog server
- Type the IP of your CYCLOPS appliance in the box next to Remote syslog server
- CYDERES recommends checking the boxes for all log entries to forward
- Click Save