Long-time lurker/firmware user. first-time poster...
As part of a small learning project (http2 server in go), I wanted to watch incoming traffic to the webserver. This lead me down a few rabbit holes and I ended visualizing the incoming IP traffic in Kibana. To make the process easier to manage (and easily reproducible) I created a filebeat module (v5.x) to analyze the router's system log.
Custom Merlin Syslog Module*
Notes
Example: Firewall DROP by Geo-Location
As part of a small learning project (http2 server in go), I wanted to watch incoming traffic to the webserver. This lead me down a few rabbit holes and I ended visualizing the incoming IP traffic in Kibana. To make the process easier to manage (and easily reproducible) I created a filebeat module (v5.x) to analyze the router's system log.
Custom Merlin Syslog Module*
Notes
- I currently use syslog forwarding to pass all router logs to a server inside my network. I then stage the router.log file onto a laptop for analysis in a docker hosted elasticsearch/kibana environment.
- I've tested this on an RT-N66U with a few system log entries. I'm sure there are some issues. Please file any anomalies and/or feature requests on the project issue tracker.
Example: Firewall DROP by Geo-Location
Last edited: