Hi, I'm currently looking for a way to better examine logs (on a daily basis) from a Sophos XGS appliance using some kind of centrally managed log aggregation system. I was thinking of using something like the ELK stack, GrayLog or Splunk. Are there…

Hi folks, a couple screenshots about unclassified protocols. Considering these are known services I would have thought they should be classified as one of the first protocols of the block? Why are they still unclassified? Ian

Hi All, I want to know that how can we check which user is going through Sophos proxy toward Internet, Is there any procedure to check in Sophos XG Firewall. Let me give an example - I am LAN user which is using Sophos Proxy in configured…

Hello Team For how long can we store the logs in Sophos XGS 107 Firewall.

Got a notification that my config disk usage reached 80%. Any idea on how to purge or shrink the size? Currently on: 19.0.1 MR-1-Build365 Message: Config disk Usage reached 80% exceeding the threshold of 80%

Hi, We are getting "Invalid Traffic" in Log viewer for some Ports from DMZ to WAN. The firewall rules are configure correctly, can anybody help to resolve the issue. Thx, Ashfaq

I'm wondering how to view usage of categorized cloud app "amazon shopping" of today. The reports do not contain a single amazon app name nor do they contain contain "online shopping" category. But I can find the application and shopping category detected…

Hello guys. I wanted to understand the cli feature that is in the Sophos documentation. custom-feature - Allows you to add top users to generated PDF reports. Ref.: system - Sophos Firewall What is it for and how can I use it?

Reporting does not work. I reviewed the reportmigration.log, and it seems like the report migration has never worked. The reportdb service is running, the disk space is fine, we have even run a manual purge of all log data. how can this be corrected…

on SFOS 18.5.4 and 19.0.1 we still notice that Admin Audit logs in Logviewer are not showing all changes admins make on the system. Example: anything you do with IPS policies is not logged. Adding, changing, deleting other example: IPSec Site…

Hi all, Is it possible to send SNMP trap or syslog to a monitoring server (zabbix) when a Sophos XG firewall detect IPS alert on TAP interface?

Hi folks, a question for the more knowledgable about XG mail scanning. My daily reports often show spam recipients which are not part of any mail accounts in my users. The firewall rules are setup to receive mail from only the ISP/RSPs. Ian

Hi I'm migrating my UTL9 Home to FW 19.0, nearly complete but have a few niggles to sort out. One of them is the log viewer. It doesn't seem particularly quick and is quite chunky. Is there another view or config that can be done to provide the…

Moin Zusammen, kann mir einer mal erklären, warum diese Sophos Webdienste alle unter der Kategorie "none" laufen? Sophos Ähm, die Kategorie "none" gehört mit zu den ersten Dingen, auf die wir normalerweise als erstes den Zugriff sperren. Sollte…

Hi, I have running some rules from third party tool using logs from Sophos XG Firewall version SFOS 17.5. Some of the rules are based on specific IDs from https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts…

Hi, We're seeing repeated but inconsistent log entries with the bytes sent in the 4GB region. We use Fastvue and these incorrect bytes values mess with our reporting and make it hard to track down actual high bandwidth users. Some users are reported…

Hey all :), our XG just notified us, that the disk is full. After a little search on Google I purged all available reports. Sadly it did not help. Is there something else i could do. Our Firewall is runnning the latest Firmware that is available 19…

Hi, I've been copying a lot of data over SSL this weekend, and I've noticed that while the current activities window shows the traffic, and also includes the total downloaded, the reporting side of things doesn't This is using the latest v19 MR1…

Hello time, I'm having trouble viewing custom reports, Web surfing report, which is only in No record found. Other reports are apparently working, but Web Risks & Usage I don't get any reports. In my NAT rule, Log firewall traffic is active and…

Dear Colleagues! The Sophos Firewall stoped to record the reports. I can't see the traffic dashboards, logs VPN Connections and logs webfilter. When I reboot the firewall the logs are created and I can see it. Someone c Post an help me?

Hello, I have the need to use my firewall's report storage on an external device, such as a NAS for example. It happens that I need to keep the Web Surging report for a period of 1 year, and with the current data traffic, my appliance can keep this…

Hi folks, a discussion about the use of XG on board reports and their accuracy. The reports provide a summary of the affect of users firewall rules and polocies along with the XG inbuilt functions. So what is reflected in the reports is effected highlights…

Hello, Since installing the latest version of SFOS Firmware 19.0.0 GA-Build317, I found that reports they are no longer functional since 2022-07-29 13:12:22 , how I should do to solve this problem , this is the first time I have encountered this kind…

Hello! I have a Sophos XGS 126 firewall, and the report disk fills up every week. I got emails that the " Reports disk Usage reached 90% exceeding the higher watermark of 90%" and I need to flush the reports disk to work. I disabled the log in all firewall…

hello I have server with SFOS v19, I am confused about log viewer. I think that it always show only logs in 10 minutes window. I tried to change time filter (all records ,last 4 hours, 60 minutes, etc.) but it doesn't work . I can only view firewall…