Feature #13728
Closed
Builtin Database for historical log collection
0%
Description
Not sure of the amount of effort / technical debt that would be needed to accomplish this, but I would like to see the ability of pfSense to have a built-in DB (Mongo or SQLite). The purpose of this would be to store certain historical data such as firewall logs and the ability to parse those logs with some granularity.
For example, I want to search the last 7 days of any IP in the x.x.x.x/24 range hitting this rule.
This feature would need a disclaimer and not run or be installed on machines detected to have less than a certain amount of RAM and not having a certain amount of cores.
This could also be a pfSense+ feature only.
Updated by Jim Pingle over 1 year ago
- Status changed from New to Rejected
The firewall is not a place to run a database. Massively increases the attack surface and complexity for little benefit.
Export the logs to a host dedicated to such tasks.
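As an added example (not part of either comment above, and not pfSense code), the search from the description can be run on a dedicated log host once the firewall's syslog is forwarded there. The sketch assumes each received line is an ISO 8601 timestamp followed by a `filterlog:` CSV payload, that the field positions noted in the comments hold for IPv4 entries, and that "this rule" is identified by its tracker ID; the function names and all sample lines are constructed.

```python
import ipaddress
import sqlite3
from datetime import datetime, timedelta, timezone

# Constructed sample lines. Assumed IPv4 filterlog layout (0-based CSV fields):
# 3 = rule tracker ID, 6 = action, 8 = IP version, 18 = source, 19 = destination.
_T = "{} filterlog: 5,,,{},igb0,match,block,in,4,0x0,,64,1,0,none,6,tcp,60,{},192.0.2.10,40000,22,0"
SAMPLE = [_T.format(*row) for row in [
    ("2024-05-06T10:00:00+00:00", "1000000103", "198.51.100.7"),    # in range, recent
    ("2024-05-01T09:00:00+00:00", "1000000103", "198.51.100.200"),  # in range, 6 days old
    ("2024-04-20T09:00:00+00:00", "1000000103", "198.51.100.9"),    # older than 7 days
    ("2024-05-06T11:00:00+00:00", "1000000103", "203.0.113.5"),     # outside the /24
    ("2024-05-06T12:00:00+00:00", "1770001234", "198.51.100.8"),    # different rule
]] + ["2024-05-06T12:30:00+00:00 filterlog: truncated,line"]         # malformed

def parse(line):
    """Return (epoch, tracker, action, src_as_int, dst), or None if unusable."""
    stamp, _, payload = line.partition(" filterlog: ")
    f = payload.split(",")
    if len(f) < 20 or f[8] != "4":        # skip short lines and non-IPv4 entries
        return None
    try:
        ts = int(datetime.fromisoformat(stamp).timestamp())
        src = int(ipaddress.IPv4Address(f[18]))
    except ValueError:
        return None
    return ts, f[3], f[6], src, f[19]

def load(conn, lines):
    """Insert parsable lines; the source is stored as an integer for range queries."""
    conn.execute("CREATE TABLE IF NOT EXISTS hits "
                 "(ts INTEGER, tracker TEXT, action TEXT, src INTEGER, dst TEXT)")
    conn.execute("CREATE INDEX IF NOT EXISTS hits_idx ON hits (tracker, src, ts)")
    rows = [r for r in map(parse, lines) if r]
    conn.executemany("INSERT INTO hits VALUES (?, ?, ?, ?, ?)", rows)
    return len(rows)

def search(conn, cidr, tracker, now, days=7):
    """Sources inside `cidr` that hit rule `tracker` during the last `days` days."""
    net = ipaddress.IPv4Network(cidr)
    since = int((now - timedelta(days=days)).timestamp())
    cur = conn.execute(
        "SELECT ts, src, dst FROM hits WHERE tracker = ? "
        "AND src BETWEEN ? AND ? AND ts >= ? ORDER BY ts",
        (tracker, int(net.network_address), int(net.broadcast_address), since))
    return [(datetime.fromtimestamp(ts, timezone.utc).isoformat(),
             str(ipaddress.IPv4Address(src)), dst) for ts, src, dst in cur]
```

Storing the source address as an integer turns the CIDR match into an indexed range comparison, so the query stays fast as the table grows.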
Updated by Mike Moore over 1 year ago
In fairness, Jim, other vendors have a similar feature set. This isn’t an oddball request. It’s an attempt to have some feature parity.