Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.socfortress.co/llms.txt

Use this file to discover all available pages before exploring further.

What this connector is

This connector covers how to configure OPNsense to forward logs to an external syslog server. Vendor reference:

Configuration steps (OPNsense)

  1. Log into the OPNsense web interface
  2. Navigate to System → Settings → Logging
  3. Check Enable Remote Logging
  4. Enter the syslog server hostname/IP under Remote log servers
    • optionally set port (default 514) and protocol (UDP/TCP)
  5. Click Save

Success criteria

  • Logs appear in your SIEM input
  • Source is attributed to the expected OPNsense device

Notes

  • Ensure the network path is secure; consider VPN/TLS forwarding when logs traverse untrusted networks.
  • Ensure firewall rules allow outbound syslog traffic.