What source types are used to build the XG visualizations in the Dashboard APP?

Sophos App For Splunk provides 7 dashboards and several visualizations that give users insight into the data collected from the Sophos XG Firewall platform. The table below lists the source types used by the visualizations in each dashboard.

 

 

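| Dashboard Name | Source type | Panel Name |
| --- | --- | --- |
| Threats | sophos:xg:atp, sophos:xg:anti_virus, sophos:xg:sandbox, sophos:xg:idp, sophos:xg:waf | Threats by Type Over Time |
| Threats | sophos:xg:atp, sophos:xg:anti_virus, sophos:xg:sandbox, sophos:xg:idp, sophos:xg:waf | Threats by Severity Over Time |
| Threats | sophos:xg:atp, sophos:xg:anti_virus, sophos:xg:sandbox, sophos:xg:idp, sophos:xg:waf | Threats Blocked by Source IP |
| Threats | sophos:xg:atp, sophos:xg:idp | Advanced Threat Protection (ATP) & Intrusion Prevention System (IPS) Events |
| Firewall Overview | sophos:xg:system_health | Interface Usage |
| Firewall Overview | sophos:xg:system_health | Interface Errors |
| Firewall Overview | sophos:xg:content_filtering | Web Sessions Over Time by Top 10 User |
| Firewall Overview | sophos:xg:system_health | Maximum Live Users Over Time |
| Firewall Overview | sophos:xg:firewall | Firewall Traffic Volume Over Time |
| Firewall Overview | sophos:xg:firewall, sophos:xg:content_filtering, sophos:xg:idp, sophos:xg:ssl | Log Lines |
| Web | sophos:xg:content_filtering | Traffic Over Time by Host |
| Web | sophos:xg:content_filtering | Bandwidth Over Time |
| Web | sophos:xg:content_filtering | Warned Summary |
| Web | sophos:xg:content_filtering | Traffic by HTTP Category |
| Web | sophos:xg:content_filtering | Traffic by Domain |
| Web | sophos:xg:content_filtering | Web Clients by Hits (Top 10) |
| Web | sophos:xg:content_filtering | Actions Taken Against Web Traffic |
| Web | sophos:xg:content_filtering | Traffic by Source Zone |
| Web | sophos:xg:content_filtering | Traffic by Destination Zone |
| Web | sophos:xg:content_filtering | Web Traffic by Destination Geo |
| Firewall Top 10 | sophos:xg:firewall | Applications by Hits (Top 10) |
| Firewall Top 10 | sophos:xg:firewall | Application Clients by Hits (Top 10) |
| Firewall Top 10 | sophos:xg:firewall | Firewall Traffic by Firewall Rule (Top 10) |
| Firewall Top 10 | sophos:xg:firewall | Firewall Traffic Details by Firewall Rule ID |
| Firewall Top 10 | sophos:xg:firewall | Firewall Traffic by Bandwidth (Top 10) |
| Firewall Top 10 | sophos:xg:firewall | Firewall Traffic by Destination Geo (Top 10) |
| Traffic | sophos:xg:ssl | Traffic by TLS Version |
| Traffic | sophos:xg:ssl | Traffic by Encryption Status |
| Traffic | sophos:xg:ssl | Traffic by Server Name Indication & Domain |
| Traffic | sophos:xg:ssl | Failed Connections by Reason |
| Users | sophos:xg:content_filtering | Web Connections |
| Users | sophos:xg:firewall | Application Connections |
| VPN | sophos:xg:event | VPN Users Over Time |
| VPN | sophos:xg:event | Remote Access Connections by Source IP |
| VPN | sophos:xg:event | Site-to-Site Connections by Source IP |
| VPN | sophos:xg:event | Connections by User per VPN Method Type |
| VPN | sophos:xg:event | Connections per Destination (Top 10) |
| VPN | sophos:xg:event | Web Categories Accessed from VPN (Top 10) |
| VPN | sophos:xg:event | Applications Accessed from VPN (Top 10) |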