We recently deployed a SIEM solution and I'm having issues getting our Sophos data to import into the SIEM service.
I have added the SIEM's network login account as a member of the Sophos DB Admins group on the Sophos server in an attempt to give it direct access to the database without any luck. Sophos's documentation states I need to use Reporting Interface and/or Log Writer, but I cannot find an actual how-to on downloading, installing, or setting up either of those services.
I can only find this link for Reporting Interface (https://www.sophos.com/en-us/support/documentation/reporting-interface.aspx#), but neither document tells HOW to set it up. I tried to follow the Log Writer help document (https://www.sophos.com/en-us/support/documentation/reporting-log-writer.aspx), but it appears to be outdated or not relevant to me because I cannot find the "Console downloads" section it refers to.
Any guidance would be greatly appreciated.
This thread was automatically locked due to age.