Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Log viewer suggestion

I have a suggestion for the Sophos Firewall. I would like to have a switch where I can hide entries that are empty or have a 0. 

Example:


messageid="00002" log_type="Firewall" log_component="Firewall Rule" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="27" fw_rule_name="GMail_Client2Wan" fw_rule_section="Local rule" nat_rule_id="0" nat_rule_name="" policy_type="2" sdwan_profile_id_request="0" sdwan_profile_name_request="" sdwan_profile_id_reply="0" sdwan_profile_name_reply="" gw_id_request="0" gw_name_request="" gw_id_reply="0" gw_name_reply="" sdwan_route_id_request="0" sdwan_route_name_request="" sdwan_route_id_reply="0" sdwan_route_name_reply="" user="USER-ID" user_group="Legal" web_policy_id="15" ips_policy_id="3" appfilter_policy_id="11" app_name="" app_risk="0" app_technology="" app_category="" vlan_id="" ether_type="IPv4 (0x0800)" bridge_name="" bridge_display_name="" in_interface="Port1" in_display_interface="Port1 - LAN" out_interface="" out_display_interface="" src_mac="USER-MAC" dst_mac="" src_ip="192.168.13.46" src_country="R1" dst_ip="142.251.37.3" dst_country="USA" protocol="UDP" src_port="49966" dst_port="443" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="" appresolvedby="Signature" app_is_cloud="0" log_occurrence="1" flags="0" web_policy="Default Workplace Policy with Adware Block"

messageid="00002" log_type="Firewall" log_component="Firewall Rule" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="27" fw_rule_name="GMail_Client2Wan" fw_rule_section="Local rule" nat_rule_id="0" nat_rule_name="" policy_type="2" sdwan_profile_id_request="0" sdwan_profile_name_request="" sdwan_profile_id_reply="0" sdwan_profile_name_reply="" gw_id_request="0" gw_name_request="" gw_id_reply="0" gw_name_reply="" sdwan_route_id_request="0" sdwan_route_name_request="" sdwan_route_id_reply="0" sdwan_route_name_reply="" user="USER-ID" user_group="Legal" web_policy_id="15" ips_policy_id="3" appfilter_policy_id="11" app_name="" app_risk="0" app_technology="" app_category="" vlan_id="" ether_type="IPv4 (0x0800)" bridge_name="" bridge_display_name="" in_interface="Port1" in_display_interface="Port1 - LAN" out_interface="" out_display_interface="" src_mac="USER-MAC" dst_mac="" src_ip="192.168.13.46" src_country="R1" dst_ip="142.251.37.3" dst_country="USA" protocol="UDP" src_port="49966" dst_port="443" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="" appresolvedby="Signature" app_is_cloud="0" log_occurrence="1" flags="0" web_policy="Default Workplace Policy with Adware Block"

messageid="00002" log_type="Firewall" log_component="Firewall Rule" log_subtype="Denied" status="Deny" fw_rule_id="27" fw_rule_name="GMail_Client2Wan" fw_rule_section="Local rule" policy_type="2" user="USER-ID" user_group="Legal" web_policy_id="15" ips_policy_id="3" appfilter_policy_id="11" ether_type="IPv4 (0x0800)" in_interface="Port1" in_display_interface="Port1 - LAN" src_mac="USER-MAC" dst_mac="" src_ip="192.168.13.46" src_country="R1" dst_ip="142.251.37.3" dst_country="USA" protocol="UDP" src_port="49966" dst_port="443" hb_status="No Heartbeat" appresolvedby="Signature" log_occurrence="1" web_policy="Default Workplace Policy with Adware Block"

messageid="00002" log_type="Firewall" log_component="Firewall Rule" log_subtype="Denied" status="Deny" fw_rule_id="27" fw_rule_name="GMail_Client2Wan" fw_rule_section="Local rule" policy_type="2" user="USER-ID" user_group="Legal" web_policy_id="15" ips_policy_id="3" appfilter_policy_id="11" ether_type="IPv4 (0x0800)" in_interface="Port1" in_display_interface="Port1 - LAN" src_mac="USER-MAC" dst_mac="" src_ip="192.168.13.46" src_country="R1" dst_ip="142.251.37.3" dst_country="USA" protocol="UDP" src_port="49966" dst_port="443" hb_status="No Heartbeat" appresolvedby="Signature" log_occurrence="1" web_policy="Default Workplace Policy with Adware Block"



This thread was automatically locked due to age.
Parents Reply Children
No Data