Sophos Community

What log types are currently not supported with this release?

Elias Collins - Sophos Product Management

Currently the following three event log types are not supported in the ingestor APP (TA) Authentication events to the SFOS device SFOS system state logs Email Anti-Spam events

over 3 years ago
Sophos Splunk Apps for Sophos (XG) Firewall
Recommended Reads

What Splunk CIM tags are used and mapped to the XG Event Types?

Elias Collins - Sophos Product Management

Sophos XG Firewall Add-on For Splunk maps the data collected to the Network Traffic CIM data model of Splunk. Please see the below table for a complete reference list. Source type CIM Data Model Event Field Data Model Field…

over 3 years ago
Sophos Splunk Apps for Sophos (XG) Firewall
Recommended Reads

Forum to post feedback related to the Splunk XG Early Access Program.

Elias Collins - Sophos Product Management

Support for this application while in Early Access will be provided via the Feedback forum associated with this Wiki. Please use an existing post if your issue has already been reported, or create a new post for each new issue you wish to report.

over 3 years ago
Sophos Splunk Apps for Sophos (XG) Firewall
Recommended Reads