Sourcetypes¶
Below are a list of sourcetypes which this Add-on uses. It is not necessary to manually set the sourcetype to anything other than opnsense as this add-on will automatically transform the sourcetype to the appropriate value.
| Source type | Description | CIM Mapping |
|---|---|---|
| Access Events to OPNsense firewall. | Authentication | |
| opnsense:audit new v1.5.0 | Audit Events to OPNsense firewall (logins/changes). | Authentication |
opnsense:cron | Cron Events | None |
opnsense:dhcpd | DHCP Events | Network Sessions |
opnsense:filterlog | Filterlog Events | Network Traffic |
opnsense:lighttpd | Events from the Web interface | Web |
opnsense:openvpn | OpenVPN Events | Authentication |
opnsense:suricata opnsense:suricata:json | IDS events from suricata | Intrusion Detection Network Traffic |
opnsense:squid | Proxy events from Squid Proxy | Web |
opnsense:unbound | DNS events from Unbound DNS | Network Resolution |
opnsense:syslog | Events from Syslog-ng | None |