Sophos Community - Connect, Learn, and Stay Secure
Clear
Search
Loading
User
Site
Search
User
Toggle Mobile menu
Community & Product Forums
Blogs
Partners
Events & Webinars
Getting Started
Support Portal
Community Blogs
Application Control
Community
Product documentation
Security
Feedback
Support Portal
Product documentation
Products
Endpoint security
Sophos Endpoint
Sophos XDR
Device Encryption
Sophos Mobile
Network Security
Sophos Firewall
Sophos ZTNA
Sophos Switch
UTM Firewall
Sophos Wireless
Sophos NDR
Email Security
Sophos Email
Phish Threat
Cloud Security
Sophos Central
Sophos Cloud Optix
Support Tools
Sophos integrations
Free tools
AI Solutions
Sophos AI
Services
Management platform
Sophos Central
Support Portal
Sophos Community log in
Sophos Partners
Partners blog
Local Partner community
Partner news
Resources
MSP guides
Partner Care
Sophos Central
Webinars & Events
Webinars & Events
Calendar
Become a partner
Join our program
Events & Webinars
Events & Webinars
Calendar
Recordings
Getting started in the Community
How to get started
SophosID registration
How to set up your profile
How to contribute and participate
How to manage private messages
Member recognition
Recognition program
Leaderboard
Products and Services
Products
Endpoint security
Sophos Endpoint
Sophos XDR
Device Encryption
Sophos Mobile
Network Security
Sophos Firewall
ZTNA
Sophos Switch
UTM Firewall
Sophos Wireless
NDR
Email Security
Sophos Email
Phish Threat
Cloud Security
Sophos Central
Sophos Cloud Optix
Support Tools
Sophos integrations
Free tools
AI Solutions
Sophos AI
Services
Management platform
Sophos Central
Support Portal
Sophos Community log in
Blogs
Community Blogs
Application Control
Community
Product documentation
Security
Feedback
Support Portal
Product documentation
Partners
Sophos Partners
Partners blog
Local Partner community
Partner news
Resources
MSP guides
Partner Care
Sophos Central
Webinars & Events
Webinars & Events
Calendar
Become a partner
Join our program
Events & Webinars
Events & Webinars
Events & Webinars
Calendar
Recordings
Getting Started
Getting started in the Community
How to get started
SophosID registration
How to set up your profile
How to contribute and participate
How to manage private messages
Member recognition
Recognition program
Leaderboard
Support Portal
Sophos Endpoint
Discussions
Getting extral line from SIEM API Integration logs
Sophos Endpoint requires membership for participation - click to join
Thread Info
State
Verified Answer
View Voters
Login to vote on this thread
0
Login to vote on this thread
Locked
Locked
Replies
4 replies
Subscribers
15 subscribers
Views
2164 views
Users
0 members are here
Options
Suggested
Query to get Application Usage
Hello everyone. Please I want to get application usage for a particular app with a Sophos query. Basically I want to determine how many time users launch a particular application. I would prefer a data...
Sophos endpoint doesn't notify when you get attacked
I just had an incident where an employee plugged in a USB drive containing hacking tools, scanners, BIOS updaters, service manipulation tools, and more. I didn't realize it until two hours later because...
Sophos Central doesn't record endpoint logs
This is a common problem with Sophos. Why aren't the logs that the Endpoint records available in Central. Why do I have to ring my customer and ask them to share their screen so I can see what Sophos is...
How can I prevent users from uploading files?
Hi all, can I block my users from uploading .zip or .rar files to the internet? I am using the Intercept X Advanced license. Thank all
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion
Getting extral line from SIEM API Integration logs
Logicalis SOC
over 4 years ago
we have integrated Sophos with IBM QRadar siem via SIEM API Script and
We are receiving logs to IBM Qradar but unable to parse the date due to getting extra line in the log. IBM Qradar does not support Sophos central but we can do customer parsing to parse the data. While we do custom parsing we are getting extra line in the single log from API script so unable to parse data due to this line. please help us how can we remove extra line from the log.
This thread was automatically locked due to age.
Quote
Quote
