This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Gateway up/down in Sophos Central Logs

I get emails and also alerts in Sophos Central when my XGS loses contact, which is good. Once I acknowledge the alert in Sophos Central, it disappears. I save the emails, so theoretically I can look through them to see when the disconnects occurred, but I'm looking for a better way.

So is it possible to look through historical, acknowledged Alerts in Sophos Central?

It looks like I can search Logs in Sophos Central, looking for Component: Gateway and that appears to show me what I want. Is this correct? Is it showing when the XGS is out of contact with Sophos Central or when the gateway goes up/down? I assume it is from the XGS so it isn't logged until after connectivity is restored.

It'd also be nice to distinguish periods of no connectivity (say ISP problems) from appliance reboots (say SFOS upgrade)

Any Log guru advice welcomed!



This thread was automatically locked due to age.
  • You could look into CFR, as it will protocol the VPN data as well. 

    Events in Central are not covering the Alerts send by the firewall. 

    __________________________________________________________________________________________________________________