PLEASE READ Advisory: Kernel memory issue affecting multiple OS (aka F**CKWIT, KAISER, KPTI, Meltdown & Spectre) for the latest updates.
We'd love to hear about it! Click here to go to the product suggestion community
I finally got my Sophos UTM Home machine up and running, and so I have several refinement questions I'm struggling with. To help others who may have the same issue, I'm posting them separately rather than all together.
This one deals with the Firewall log and other Sophos user-interfaces: I have the hosts on my network (various laptops, computers, home devices, etc.) all defined in my Network Definitions tab...that was how I'd done it with my router before, so I could tell what was doing what. I really need that now, because I'm struggling with network access to a particular device and I'm trying to get clues regarding what's going on from the log and other Sophos UIs...but for the most part, they all keep giving me IPs, and its difficult to have to constantly decode them! Is there some other place where I should have defined these computers/devices/hosts? Is there something I may have missed in defining them?
Hostnames won't be resolved in the console logs, the classification will be done by IP address.
Look in Reporting instead of the logs.
Cheers - Bob
In reply to BAlfson:
This could be a feature request, to resolve IP addresses to hostnames in the live firewall log.
In reply to alan weir:
This will never happen for sure. Firewall log will not function as a DNS log or interact with DNS. It has a specific role. In the reporting, UTM resolves them
In reply to oldeda:
Agreed, Olsi - the Firewall Live Log would not be "Live" as it would fall far behind with even the slightest amount of traffic.