iView v03.01.1 is unable to process logs from SFOS 17.0.0 GA

Hello all,

do you also found that since SFOS v17.0.0 GA an iView v03.01.1 is not able to process logs from gateway which have installed SFOS v17.0.0 GA?

Do you have the same experience or am I wrong?

In the Live Logs menu a logs are displayed so the problem can not be in an appliances themselves but the log file format has been changed  ( due to the new Log Viewer ) but the logs parser in iView v03.01.1 has not been updated by the developers yet, I think.

Note. For example the Allowed Traffic Overview field is empty but in the Blocked Traffic Overview field an operating values are displayed.

Very unpleasant surprise.

Regards

alda

  • Have you got anywhere with this? I am now wanting to sort this out, but notice no traffic between 17 MR2 and Iview.

  • In reply to RichardPhillips:

    Hello Richard,

    I tried to make two completely new iView installations ( both were a vmware appliances ), and in both cases the result was identical, after about 8 hours, both installations stopped displaying a charts. However, in the Live Logs menu  is still possible to see that the monitored appliance sends logs to an iView but it does not process them.

    It is really strange that Sophos not dealing with this problem.

    I would like to add that MR2 has the same problem too ....

    Regards

    alda

  • In reply to RichardPhillips:

    Yes, I'm running iView 03_01_1 Build 313.  When we upgraded our Sophos XG straight from SFOS 16.05.8 MR-8 to SFOS 17.0.2 MR-2, and our iView continued to receive data.  If you're not on Build 313, I would suggest upgrading your iView firmware.

  • In reply to Jeffry McGee:

    Hello Jeffry,

    with this version I installed both of the mentioned vmware appliances and both stopped showing charts after about 8 hours. Even my iView accepts data too but does not generate graphs from these data ...

    Regards

    alda