OPNSense – Security and Hardening – Episode 3

Author:

🚨 Set Up Monit Custom Email Alerts in OPNsense 🚨

Want to receive real-time email notifications for critical events in OPNsense?

📡 Follow this guide to configure Monit email alerts using Gmail SMTP:

🔗 Step-by-step setup here:

Once you’ve set up Monit email alerts, let’s take it a step further!

Here is the video version of this written tutorial:


📌 Custom Alert: Portal_Failed_Login_Attempt

This alert will notify you via email whenever a failed login attempt occurs on your OPNsense web interface.

🔹 Step 1: Enable Monit in OPNsense

If you haven’t set up Monit yet, follow the guide above to enable it.


🔹 Step 2: Create a Custom Service Test

1️⃣ Navigate to Services > Monit > Service Tests Settings
2️⃣ Click + Add to create a new test
3️⃣ Set the following values:

  • Name: Portal Failed Login
  • Condition: content = “authentication error”
  • Action: Alert

4️⃣ Click Save and apply changes


🔹 Step 3: Monitor the Audit Log for Failed Logins

1️⃣ Go to Services > Monit > Service Settings
2️⃣ Click + Add to create a new monitored service
3️⃣ Set the following:

  • Name: web_portal_failed_login
  • Type: File
  • Path: /var/log/audit/latest.log
  • Tests: Select Portal Failed Login (the test created in Step 2)
    4️⃣ Click Save and apply

🔹 Step 4: Configure Alerts

1️⃣ Go to Services > Monit > Alert Settings
2️⃣ Click + Add to create an alert
3️⃣ Set the following:

  • Recipient email: Your email
  • Events: Select Content failed
  • Message Format:
reply-to: noreply@sysadmin102.com
Subject: 🚨 Failed Login Attempt Detected! 🚨 
Message: Failed Login Attempt Detected! 
📅 Date: $DATE  
🌐 Source IP: $DESCRIPTION

4️⃣ Click Save and apply


🔹 Step 5: Test Your Alert

1️⃣ Attempt a failed login to your OPNsense web portal
2️⃣ Check your email inbox for the alert! 📩


💡 Why Enable This Alert?
🔹 Detect brute force login attempts in real-time
🔹 Improve security monitoring for your firewall
🔹 Stay informed about unauthorized access attempts

✅ Set it up today and secure your OPNsense environment!

#OPNsense #CyberSecurity #SysAdmin #Monit #NetworkSecurity


💙 Want to support my channel? Check out ways to help here:

Your support helps keep valuable tech content coming! 🚀

#OPNsense #CyberSecurity #SysAdmin #Monit #NetworkSecurity #TechSupport

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Translate »