@vinit-chauhan

Proposed commit message

Update readme for PfSense

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Screenshots

image

@vinit-chauhan vinit-chauhan requested a review from a team as a code owner November 13, 2025 18:08
@vinit-chauhan vinit-chauhan added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request Integration:pfsense pfSense (Community supported) Team:Integration-Experience Security Integrations Integration Experience [elastic/integration-experience] labels Nov 13, 2025
@elasticmachine

Pinging @elastic/integration-experience (Team:Integration-Experience)

@elastic-vault-github-plugin-prod

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine

💚 Build Succeeded

@mjwolf mjwolf left a comment

Could you add a service_info file for this as well?

# pfSense Integration for Elastic

## Overview
The pfSense integration for Elastic enables the collection of logs from pfSense and OPNsense firewalls. It parses logs received over the network via syslog (UDP, TCP, or TLS), providing visibility into network traffic, security events, and system health.
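
Review bot: the transport list in the Overview sentence, "(UDP, TCP, or TLS)", gives the reader no indication that only one of the three options protects the logs in transit. Firewall logs sent over plain UDP or TCP syslog are unencrypted and unauthenticated on the wire, so consider adding a clause that recommends TLS where the path between the firewall and the agent is not trusted.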

(UDP, TCP, or TLS) - TLS isn't a transport, this should probably change to (UDP or TCP) or UDP or TCP, using TLS

1. On a host connected to the pfSense network, generate traffic that will trigger a firewall log event. For example, attempt a connection that you know will be blocked by a firewall rule.
2. Check the pfSense system logs to confirm that new event data is being written. In the pfSense web interface, navigate to **Status > System Logs > Firewall**.
3. In Kibana, navigate to the **Discover** tab or open the pre-built **Firewall - Dashboard [pfSense]** dashboard.
4. Filter for pfSense data by using the KQL query `event.dataset : "pfsense.log"`.
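
Review bot: step 1 relies on the blocked connection producing a log entry, but nothing in these steps says the blocking rule must have logging enabled; if it does not, step 2 shows no new events and the reader cannot tell whether the rule or the integration is at fault. Suggest stating in step 1 that the rule used for the test needs logging turned on.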

This could be a bit confusing, you don't need to filter, if you choose to open the dashboard
