Hi, I have an XG125w (and before that am XG106) with SFOS 18.5.1 MR-1-Build326. When I go to the log viewer, Application Filter tab, the log is empty, It has always been empty, even with the XG106. I checked my firewall rules and they are all set to…

Hello from Germany, I am trying to wrap my brain aroud the following situation: I have a rule that allows access to an NTP server to anybody (# 61, rule says ACCEPT, see below) I have IP Cameras which should not be allowed to reach outside…

how to delete all log viewer in sopho s xg 330 ( web filter -application filter - firewall ) not Reports

Hi all, Puzzled at why the XG210 is rejecting some packets. I've read the forums, could this related to conn_track? This is so strange. On v18.5

Rule is getting Denied, even though policy is created. And Logs shows the message "Could not associate packet to any connection."

Hallo, wir sind kürzlich von SG auf XG umgestiegen und haben nun zum ersten Mal den Fall, dass jemand eine Regel bearbeitet hat, dabei aber etwas angepasst, was nicht sein sollte. Was zuvor aber drin stand kann die Person nicht sagen. Bei der…

Whenever I check the log viewer, it is full of messages like Appliance Access 255.255.255.255 denied. I understand that is access to 255.255.255.255 is blocked by design. I recently created a syslog server and sending XG logs to it. The logs are full…

Hello, we have several devices running (SFOS 17.5.15 MR-15) that are with Log viewer / System log empty. Doe someone has ideia about fix it ? is it a know issue!? regards Carlos

Much like this post, https://community.sophos.com/products/xg-firewall/f/logging-and-reporting/98950/how-to-log-dropped-firewall-http-s-traffic , I'm noticing that since upgrading to v17 that the log viewer doesn't show all of the blocked traffic. Is…

As per the example below: Log viewer -- fw_rule_id="4" Log viewer -- IPv4 Bypass (ID: 5) 2018-08-12 19:01:59Web Filtermessageid="16001" log_type="Content Filtering" log_component="HTTP" log_subtype="Allowed" status="" fw_rule_id="4" user=…

I am unable to find the logs for the remote SSL vpn users on the reports dashboard. I am able to find only the username and internal ip the sophos xg has issued to the user. I cant see time, date of connection including what public ip address from where…

Hello, I am looking for a way to dump all of the admin logs. If I am in the GUI log viewer, the section titled 'Admin' is what I am looking for, but I want those logs going back further than the GUI provides. I have looked in the /log directory from…

Hey Community, In the Log Viewer, an administrator may notice when using the quick filter that log entries outside the set range of time will also be displayed. This article explains the quick filter's behavior.. This KB article explains the quick filter…

Hello Everyone. I posted few month ago that a "clean up rule" so common on competitive firewalls cannot be on Sophos XG, without causing reporting issues. Here: https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/98440/clean-up…

Hi all, Having trouble getting this to log dropped traffic. This is only a testing environment, for me to play around in. I've installed XG 17.0.1 on a VMware. I'm trying to get similar functionality as UTM 9 but not having much luck. Currently, the…

Hi All, I am wondering is there any way to extend the firewall real time live logs from Log viewer. I noticed that currently I could only view for past around 10 mins time. I have a customer who is requesting if this is possible. Thank you…

Hello again! So I came home to find my Sophos XG Firewall completely turned off. After cold booting it 2 times it finally spoke to me again. In search of any log files which may give me a clue, I found the advanced shell and with it the following…

Hey Guys, i was wondering if i am blind or just plain stupid. But i am searching for the PPPOE Logs from a few day's ago. Is it possible to show older logs for eg. the pppoe in the web gui? I just can see log files from today when i use the "time…

Sites that are not categorized fit into one of these categories: (1) a legitimate enterprise that is too small to get noticed by the categorization service, (2) a malicious enterprise that changes its domain name regularly to evade categorization, (3…

HI, I am looking for any documentation about setting up canned reports on the Sophos Firewalls. We are currently evaluating the XG Firewalls and reporting is the main reason we are looking into these devices. I have searched the knowledge…