Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG syslog messages id's v18.5

i've got a deeplink to Messages (sophos.com) but i would like to get my hands on the current (18.5) version so i can find messages that our firewalls are logging right now so i can parse them for our siem.

and while i'm asking this, it would be so much better if for example :

17507

Admin sign-in sign-out

17813 Interface up/interface down
17814 Gateway alive/gateway dead

17935

Mapped server <server_ipaddress> is up/mapped server <server_ipaddress> is down

are not in captured in the same event id anymore since a login is completely different then a logout event which should contribute to completely different usecases / triggers in siem applications. And an server up is completely different from server down also.



This thread was automatically locked due to age.