pfSense, Suricata, and Splunk


There are a few blogs out there on the internet that walk you through setting up a pfSense Splunk forwarder, and a few more that talk about getting your Suricata IDS logs into Splunk, but there is not an all-in-one guide to help you do both. I wrote a blog post for my work which can be read here!

Work | Mimecast and Unifi Deployment

I’ve been super busy at work recently, and I just finished up two big projects. We switched over to Mimecast’s email security suite. The whole deployment took a bit of planning and some fixing of DNS/MX records, but I am proud to say that the project is finished. So far, Mimecast has been working great and has been catching a lot more spam/phishing emails than the previous solution that was in place.


Network Overview

This is my network overview of the “Milkyway.Galaxy” domain. My entire network is named after planets and the solar system. Every week I decide to change/add/remove something, so it’s constantly evolving. My network is broken into multiple VLANs to allow segmentation of the network. I use a custom-built pfSense router running version 2.4.x as of the time of writing this. My router feeds into my 2960x stack, which is set up in a router-on-a-stick VLAN configuration.


Grafana on Ubuntu Server 18.04 | InfluxDB / Telegraf

Recently, I set up Grafana at my workplace to allow more visibility on our network. In the past I have played with Grafana in my homelab, but I didn’t understand how it could be useful for me at the time when I only had one server. Now that I have a handful of servers that can be a pain sometimes to monitor, I’ve decided to give Grafana another go.
