Long story short.. In my job we are testing various SIEMs. One of them was AlienVault OSSIM. So.. I was getting bored in my house and I decided to route all the syslog of my pfSense to the fancy UI of OSSIM.. ('Cause sexiness and stuff) Also:
Googling it a bit, I found that it is basically a pain in the ass to get those two to work together... So any helpful suggestions or a good tutorial? (Running latest build of pfSense 2.2.6 and last build of OSSIM)
So far my best shot is installing a plugin made by a random user in the AlienVault forums, running that plugin in pfSense and trying to figure out how to route those syslogs..
Hey man, I was playing around with sensors... not much progress so far 'cause of social interactions.. but anyway I am hoping next week to get full hands (and feet, why not...) on this. The capabilities, as you said, are quite good... Also saw a couple of manuals to set OSSIM working along with Cisco ASA and Juniper SRX.. Sadly pfSense easy deployment is a bit robust, but not impossible.. If I have any doubts I will contact you. Thanks!