Feature request - historical logging like UTM

Is it possible to finally get a historical log similar to the UTM? I would prefer a log file rotation per day and preferably for at least 14 days back.

 

Parents Reply
  • XG so needs this, like how can an "Enterprise" firewall not?  On top of that, the syslog output is not that consistent and makes for a difficult time building extractors or pipelines (in Graylog, etc).  Different "facilities" have completely different formating, etc.  We have 6 year UTMs that still have day 1 logs on them.  Magic of gzip, huh?

    Some of our clients have 10+ IPsec tunnels.  If there is ever an issue, we always get asked why it went down, but it's too late.  Going back into the strongswan.log and we are lucky if we have more than 1 days worth of events.  Lucky if we have 2 days when looking in the .log.0 file which rotates out.

    Baby steps, maybe v23 or v24?  Sorry, I love Sophos, but moving from UTM has been a challenge in many areas.

Children