(IDS) add syslog support, closes https://github.com/opnsense/core/issues/1018

src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml

@@ -17,6 +17,12 @@
         <type>checkbox</type>
         <help><![CDATA[Enable promiscuous mode, for certain setups (like IPS with vlans), this is required to actually capture data on the physical interface.]]></help>
     </field>
+    <field>
+        <id>ids.general.syslog</id>
+        <label>Enable syslog</label>
+        <type>checkbox</type>
+        <help><![CDATA[Enable syslog, sends alerts (in fast log format) and messages to syslog. This won't change the alert logging used by the product itself.]]></help>
+    </field>
     <field>
         <id>ids.general.MPMAlgo</id>
         <label>Pattern matcher</label>

src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml

@@ -146,6 +146,10 @@
               </OptionValues>
               <ValidationMessage>Please select a valid pattern matcher algorithm</ValidationMessage>
             </MPMAlgo>
+            <syslog type="BooleanField">
+                <default>0</default>
+                <Required>Y</Required>
+            </syslog>
         </general>
     </items>
 </model>

src/opnsense/service/templates/OPNsense/IDS/suricata.yaml

@@ -226,7 +226,7 @@ outputs:
 
   # a line based alerts log similar to fast.log into syslog
   - syslog:
-      enabled: no
+      enabled: {% if OPNsense.IDS.general.syslog|default('0') == '0' %}no{% else %}yes{% endif %}
       # reported identity to syslog. If ommited the program name (usually
       # suricata) will be used.
       #identity: "suricata"
@@ -740,7 +740,8 @@ logging:
       enabled: yes
       filename: /var/log/suricata.log
   - syslog:
-      enabled: no
+      enabled: {% if OPNsense.IDS.general.syslog|default('0') == '0' %}no{% else %}yes{% endif %}
+
       facility: local5
       format: "[%i] <%d> -- "