  • Splunk Dashboard

    I've configured Splunk as per the KB article and I've seen the XG logs in Splunk. But the dashboard is creating issues for me. What am I missing, as I'm not familiar with Splunk? Splunk Version: 8.0.4 XG Version: XG125 (SFOS 18.5.1…
  • TCP SSL ??

    The App works fine using UDP on port 514 but I still cannot seem to get TCP-SSL over port 10514 working. Is there a cert requirement for the TCP-SSL protocol? The inputs.conf has 4 lines about certs but the Sophos page does not mention parameters for using…
  • What log types are currently not supported with this release?

    Currently the following three event log types are not supported in the ingestor APP (TA): Authentication events to the SFOS device; SFOS system state logs; Email Anti-Spam events.
  • What source types are used to build the XG visualizations in the Dashboard APP?

    Sophos App For Splunk provides 7 dashboards and several visualizations to provide user insights into the data collected from the Sophos XG Firewall platform. The below table provides a list of visualization source types used in each dashboard. …
  • What Splunk CIM tags are used and mapped to the XG Event Types?

    Sophos XG Firewall Add-on For Splunk maps the data collected to the Network Traffic CIM data model of Splunk. Please see the below table for a complete reference list. Source type CIM Data Model Event Field Data Model Field…
  • Forum to post feedback related to the Splunk XG Early Access Program.

    Support for this application while in Early Access will be provided via the Feedback forum associated with this Wiki. Please use an existing post if your issue has already been reported, or create a new post for each new issue you wish to report.