Comparison

Andrew edited this page Aug 13, 2023 · 13 revisions
  1. pfSense/OPNsense web GUI: The vanilla web interface gives you limited options to visualize, or even search for, specific log entries. With pfelk, you can search by any of the GROK-parsed fields of your events in near real time, leveraging Elasticsearch, and you can freely customize the visualizations included with pfelk.
  2. Filebeat with the official Kibana dashboards: To use these, you have to compile your own Filebeat on FreeBSD, and you may also run into the limitations of the provided dashboards at the index level. With pfelk you don't have to compile anything, since it uses the integrated forwarder.
  3. Graylog: To observe your firewall traffic in its full extent with Graylog, you need an additional component, Grafana (with an Elasticsearch data source), to get useful visualizations. With pfelk you don't have to rely on any additional components beside the Elastic Stack.
  4. Splunk: There are some solutions for incorporating your firewall traffic into Splunk, but these are mostly dated projects with no real support or user base. With pfelk, you have a stable community and support that continuously improves the solution.