Moin Zusammen, kann mir einer mal erklären, warum diese Sophos Webdienste alle unter der Kategorie "none" laufen? Sophos Ähm, die Kategorie "none" gehört mit zu den ersten Dingen, auf die wir normalerweise als erstes den Zugriff sperren. Sollte…

Hi, I have running some rules from third party tool using logs from Sophos XG Firewall version SFOS 17.5. Some of the rules are based on specific IDs from https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts…

Hi, We're seeing repeated but inconsistent log entries with the bytes sent in the 4GB region. We use Fastvue and these incorrect bytes values mess with our reporting and make it hard to track down actual high bandwidth users. Some users are reported…

Hey all :), our XG just notified us, that the disk is full. After a little search on Google I purged all available reports. Sadly it did not help. Is there something else i could do. Our Firewall is runnning the latest Firmware that is available 19…

Hi, I've been copying a lot of data over SSL this weekend, and I've noticed that while the current activities window shows the traffic, and also includes the total downloaded, the reporting side of things doesn't This is using the latest v19 MR1…

Hello time, I'm having trouble viewing custom reports, Web surfing report, which is only in No record found. Other reports are apparently working, but Web Risks & Usage I don't get any reports. In my NAT rule, Log firewall traffic is active and…

Dear Colleagues! The Sophos Firewall stoped to record the reports. I can't see the traffic dashboards, logs VPN Connections and logs webfilter. When I reboot the firewall the logs are created and I can see it. Someone c Post an help me?

Hello, I have the need to use my firewall's report storage on an external device, such as a NAS for example. It happens that I need to keep the Web Surging report for a period of 1 year, and with the current data traffic, my appliance can keep this…

Hi folks, a discussion about the use of XG on board reports and their accuracy. The reports provide a summary of the affect of users firewall rules and polocies along with the XG inbuilt functions. So what is reflected in the reports is effected highlights…

Hello, Since installing the latest version of SFOS Firmware 19.0.0 GA-Build317, I found that reports they are no longer functional since 2022-07-29 13:12:22 , how I should do to solve this problem , this is the first time I have encountered this kind…

Hello! I have a Sophos XGS 126 firewall, and the report disk fills up every week. I got emails that the " Reports disk Usage reached 90% exceeding the higher watermark of 90%" and I need to flush the reports disk to work. I disabled the log in all firewall…

hello I have server with SFOS v19, I am confused about log viewer. I think that it always show only logs in 10 minutes window. I tried to change time filter (all records ,last 4 hours, 60 minutes, etc.) but it doesn't work . I can only view firewall…

Hello, I just migrated a customer from UTM to XG (18.5 since 19 is not recommended by the support) and the default 80GB report partition of the VM is filling very quickly, in about 20-25 days. Logrotate is not well implemented and the firewall got…

Good day, at the moment we have a lot of shity traffic going on , mostly from Russia and its lovely friends . Right now I ´ ve seen that there are p ackages without origin-port and destination-p orts in the Log Viewer . Whys that ? Never had this…

I have a firewall rule (rule 20) which is a "log and drop" rule at the bottom of the IPv6 rules. But I'm seeing something very weird: some of the time it says "Denied" and some of the time it says "Allowed". There are no exceptions in the rule. Not only…

Hi all, I am running the latest version of Sophos XG (19.0) in a HyperV VM. All has been well since installation some time ago, but suddenly I am having issues with the Garner service, and the XG is reporting Service LoggingDaemon stopped. No config changes…

My SG330 (SFOS 19.0.0 GA-Build317) has been running for a long time and was recently upgraded to V19. I don't read reports very often, but today I found all the reports were empty. No matter how long you choose . Where might I look to troubleshoot this…

I have an XG125w (SFOS 18.5.2 MR-2-Build380). A while back, I had a website that needed a web exception for SSL/TLS decryption and scan. The domain needed did not appear in the SSL/TLS log viewer. I opened a ticket with support and they gave me some…

Hello, I have two ISP router, ISP1 router connected to port 2 and ISP2 router connected to port3. So i want to filter reports by outgoing port (interface), but the report page gives me only the option to filter by rules, source zone or destination…

Hello, I am running XG FW firmware version 19.0.0. Log Viewer is no longer showing current entries for all categories. The last entry logged was on 1/26/22. I've checked log settings and disk space and everything looks correct. I also have…

Hi. I'm using the most recent version of Sophos XG Firewall in a virtual Proxmox environment. I'm using it as my internet gateway / router. Therefore I have NAT enabled using the default firewall rule with a linked SNAT rule (MASQ). I enabled DPI…

Hello Guys, We are using Sophos XG-220 firewall since long. We have a Active-Passive configuration. For Internet usage, we have created multiple VLANs and All VLANs have multiple users. All users going through captive portal and login it's user name…

Hi, We have an XG 135 running SFOS 18.5.3 MR-3-Build408. There are two gateways, a primary and backup. One of our users is encountering an intermittent timeout on a specific website when performing a specific action. I have been checking our firewall…

Hello, We have an old linux server we use to send emails with. It was set up by an employee who is no longer with the company, and no one has the login. We think we have moved all of our services off this server, so we think it is no longer being used…

Hi I would like some guidance on how to configure elk to populate dashboards once SophosXG firewall is sending logs to my server and I confirmed this using tcpdump command?