Actions
Feature #11809
closed
Provide the option of logging in CEF (Common Event Format) in addition to Syslog
Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Logging
Target version:
-
Start date:
04/16/2021
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Default
Description
When sending to remote log sources, especially those that are used as logging solutions such as logstash, Graylog, Splunk, etc.. it would be a great benefit to be able to send PFSense messages in CEF (Common Event Format) so that when they arrive the fields are already parsed instead of having to write custom parsers. Custom parsers are even harder to implement based on format differences between different types of messages.
Updated by Viktor Gurov about 3 years ago
The Syslog-NG package already supports this:
https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.17/administration-guide/59#TOPIC-989773
Updated by Jim Pingle almost 3 years ago
- Status changed from New to Rejected
Not viable for the built-in syslogd, what can be done is already possible in syslog-ng.
Actions