pfSense/Suricata log visualizer/parser without enterprise workloads and wallet

Is there anything other than the raw logs and Google for a simpleton home user with limited knowledge who just barely managed to get pfSense and Suricata up and running?

Splunk, Kibana etc. seem so very much not straightforward and totally out of wallet for this use case at least.

I would recommend Splunk, as the free license should be good enough, and being enterprise software it's about as double-click-and-work as auditing software gets. I tried Suricata and it output so many log files it blew up my Splunk, the DB hard drive, and effectively DoS'ed my own network; it was weird. Maybe something I did, but give it a go: follow the Splunk tutorials on getting your pfSense router to send logs over UDP 514 to the Splunk indexer IP, then set up the Splunk indexer to ingest those logs and go from there.
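A lighter starting point for the "something other than the raw logs" part of the question, as an added example that is not from this thread or from either poster: a small Python summarizer for Suricata's EVE JSON log (`eve.json`, one JSON object per line). It counts events by `event_type` (which shows where the log volume the reply above complains about is coming from) and ranks alert signatures, source IPs and destination ports. The embedded sample lines, signature names and signature IDs are constructed, and the log path is assumed and passed on the command line; on pfSense the Suricata package keeps a separate log directory per interface, so point it at the right `eve.json`.

```python
import json
import sys
from collections import Counter
from typing import Dict, Iterable, List, Tuple

# Constructed sample in the shape Suricata writes to eve.json (one JSON object
# per line). IPs are documentation ranges, signature names/IDs are invented,
# and the last line is deliberately malformed to exercise the skip path.
SAMPLE_EVE = """\
{"timestamp":"2024-01-01T10:00:01.000000+0000","event_type":"alert","src_ip":"203.0.113.5","src_port":44321,"dest_ip":"192.168.1.10","dest_port":22,"proto":"TCP","alert":{"signature_id":9000001,"rev":1,"signature":"CONSTRUCTED SCAN SSH login attempts","category":"Attempted Information Leak","severity":2}}
{"timestamp":"2024-01-01T10:00:02.000000+0000","event_type":"flow","src_ip":"192.168.1.10","dest_ip":"192.168.1.1","proto":"UDP"}
{"timestamp":"2024-01-01T10:00:03.000000+0000","event_type":"alert","src_ip":"203.0.113.5","src_port":44322,"dest_ip":"192.168.1.10","dest_port":22,"proto":"TCP","alert":{"signature_id":9000001,"rev":1,"signature":"CONSTRUCTED SCAN SSH login attempts","category":"Attempted Information Leak","severity":2}}
{"timestamp":"2024-01-01T10:00:04.000000+0000","event_type":"dns","src_ip":"192.168.1.10","dest_ip":"192.168.1.1","proto":"UDP"}
{"timestamp":"2024-01-01T10:00:05.000000+0000","event_type":"alert","src_ip":"198.51.100.7","src_port":5555,"dest_ip":"192.168.1.20","dest_port":445,"proto":"TCP","alert":{"signature_id":9000002,"rev":1,"signature":"CONSTRUCTED POLICY SMB from outside","category":"Potentially Bad Traffic","severity":3}}
this line is not json
"""


def parse_eve(lines: Iterable[str]) -> Tuple[List[dict], int]:
    """Parse EVE JSON lines. Returns (events, skipped_line_count).

    Malformed lines (a truncated write, a rotated file boundary) are counted
    and skipped rather than aborting the whole run.
    """
    events: List[dict] = []
    skipped = 0
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            obj = json.loads(raw)
        except json.JSONDecodeError:
            skipped += 1
            continue
        if not isinstance(obj, dict) or "event_type" not in obj:
            skipped += 1
            continue
        events.append(obj)
    return events, skipped


def summarize(events: List[dict], top: int = 5) -> Dict[str, object]:
    """Count events by type and rank the alert-specific fields."""
    by_type = Counter(e["event_type"] for e in events)
    alerts = [e for e in events
              if e["event_type"] == "alert" and isinstance(e.get("alert"), dict)]
    signatures = Counter(a["alert"].get("signature", "<no signature>") for a in alerts)
    sources = Counter(a.get("src_ip", "<no src_ip>") for a in alerts)
    dest_ports = Counter(a["dest_port"] for a in alerts if a.get("dest_port") is not None)
    severity = Counter(a["alert"].get("severity", 0) for a in alerts)
    return {
        "total": len(events),
        "by_event_type": dict(by_type),
        "top_signatures": signatures.most_common(top),
        "top_sources": sources.most_common(top),
        "top_dest_ports": dest_ports.most_common(top),
        "severity": dict(severity),
    }


def format_report(summary: Dict[str, object]) -> str:
    """Render the summary as plain text for a terminal."""
    out = [f"events parsed: {summary['total']}", "by event_type:"]
    for etype, n in sorted(summary["by_event_type"].items(), key=lambda kv: -kv[1]):
        out.append(f"  {etype:<10} {n}")
    for title, key in (("top alert signatures", "top_signatures"),
                       ("top alert sources", "top_sources"),
                       ("top alert destination ports", "top_dest_ports")):
        out.append(f"{title}:")
        for value, n in summary[key]:
            out.append(f"  {n:>6}  {value}")
    out.append("alerts by severity (1 = highest): "
               + ", ".join(f"{sev}: {n}" for sev, n in sorted(summary["severity"].items())))
    return "\n".join(out)


def main() -> None:
    # Usage: python eve_summary.py /path/to/eve.json   (path is assumed, not a default)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            events, skipped = parse_eve(fh)
    else:
        events, skipped = parse_eve(SAMPLE_EVE.splitlines())
    print(format_report(summarize(events)))
    if skipped:
        print(f"skipped {skipped} unparseable line(s)")


if __name__ == "__main__":
    main()
```

Run it without arguments to see the report on the constructed sample, or with a path to a real `eve.json`. The `by_event_type` block is the useful first look when the log feels unmanageable: if `flow` or `dns` dwarf `alert`, the volume problem is the EVE output configuration (the `types` list under `eve-log` in `suricata.yaml` controls which event types are written), not the alerting itself.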