I have OPNsense running on a hp t730 thin client. I run it in an LXC container on another server, so you'll need a place to run it that can store the Influx data. InfluxDB itself was by far the hardest to setup. That helps you get it installed, after that, you need to setup influxdb, which isn't any different in OPNsense as anything else so you can use the ntopng help You just have to check the 'community edition' box in the configuration page in OPNsense (where you configure the interfaces ntopng monitors) and it will work just like the one bundled with OPNsense just one minor version newer. ntopng produces OPNsense packages specifically for this purpose.
I used the ntopng enterprise release, since it's a slightly newer version than ntopng's open source release which OPNsense bundled. I expect to parse logs you'll want something like Graylog. I don't use Suricata, so no help with that one.
0 kommentar(er)
