I need a better strategy for dealing with Netflow data in OPNSense. It had used up over 90% of a 32GB disk. Seems the only way currently is to delete all the data.

It would be nice to just keep a certain amount. I don’t need 6+ months on my home connection but 30 days' worth might be nice.

@thegibson @devrandom is there a halfway decent SIEM solution for home use? Or am I stuck hacking together a db and a graph/chart interface?

@Jetengineweasel @devrandom I think AlienVault/OSSIM have a decent free tier. SIEMonster community edition is really good too.

@thegibson @Jetengineweasel Thanks! I'll look into these! Another option is to add a USB drive and set that as my netflow partition.

But there still must be a way to tame this a little more. I was definitely not collecting 1GB of data every 24 hours before the upgrade to OPNSense 21.7.

@devrandom Could it be as simple as adjusting the sampling rate? Thin it out some?

@jshmlr I'm thinking I need to do something like this. Since upgrading to OPNSense 21.7 it's collecting about 1GB data/24 hours.

