Hacker News new | ask | show | jobs
by chanz 2286 days ago
Thanks for sharing this really looks cool. But there are some things that make me hesitate using it:

1. Maxmind: Since I don't know the company and it seems its only providing the geoip-database, my question is: Can it be disabled or left out at all?

2. Java: Its my personal preference to avoid using oracle products at all cost. Is openjdk an alternative?

3. Is the geo-graphical visualization all Pfelk can do? Is there a feature list or demo?
2 comments
uaas 2286 days ago
1: Well, it can be useful to map your src and dest ips to a map, but it can be left out, since the dashboards are fully customizable. Anyway, Maxmind GeoIP is widely used in this and other areas.

2: Yes, openjdk is supported

3: No, with this setup, you can extend the stock firewall functionality by forwarding everything to an ELK instance. You can search and visualize all of your firewall log entries with the full power of Elasticsearch.

Yes, a complete feature list and/or demo would be great, we will work on those, thank you for your feedback.

Feel free to reach out if you have any questions!

link
chanz 2286 days ago
Thank you for your reply. Is there a roadmap of what you work on?
link
a3ilson 2285 days ago
Roadmap is currently in development...seeking feedback and inputs for future enhancements. Thanks for your input.
link
notwedtm 2286 days ago
FWIW, MaxMind is pretty much the defacto standard for geoip lookup tables.
link
chanz 2286 days ago
Thanks, I was not aware of this.
link