I've config the Splunk as per the KB article and I've seen the XG logs over the Splunk. But the dashboard is creating issues for me.
What I'm missing as and I'm not familiar with Splunk ??
Splunk Version: 8.0.4
XG Version: XG125 (SFOS 18.5.1 MR-1-Build326)
Splunk Apps Installed;
1) Splunk Add-on for Sophos
2) Add-on for Sophos XG
3) TA-sophos-xg
KB Article Link: Splunk Integration for Sophos (XG) Firewall - Announcements - Sophos Splunk Apps for Sophos (XG) Firewall - Sophos Community