Greetings good afternoon community team I have a question In the log viewer I see blocked attempts to access some websites with Category "Sexually Explicit" I want to search for older logs but the log viewer only gives me data up to 2 days ago, I…

Hi everyone, one of our customers is experiencing a strange problem, the logs are saying that traffic is denied but well its working, so i guess its a problem with the loggin daemon? Here it says that the traffic is denied and the reasons are always…

Hi folks, what does the blue color mean in log viewer? Can't find it in the documentation. Regards Gero

Hi, I have rule 5. It's a DNAT from the WAN IP 188.175.113.182 in to the network to the VoIP server. If I look in the LOG, I see the following: The first line does correspond to rule 5, but what do the other lines mean? They are also marked…

Is it possible to filter more than one port in the log viewer? I am trying to find some specific traffic and i want to exclude both 443 and 123 but I cant seem to stack the filters. Thanks!

(simple ANY rule with a lot of traffic -> should be in LOG)

Is it normal that in the FW Logs is sometimes a zone entry and sometimes not? The FW should in any case know what zone the paket comes from/to.

Hi, I'm having trouble with the WAF, XGS 2300 v19.5.1 I add the webserver web .xxx.xxx - it has policy ID 129 . But if I go to web .xxx.xxx in the log it shows that web.xxx.xxx has policy ID 43 . I get a 503 error But the policy ID 43 is spsluzba.xxx…

Just noticed several logged entry for user's traffic without any Out interface The screenshot below is an example. The user is the same and its traffic is using the same firewall rule 11 but the bottom three lines have the port2 as out interface but…

We have MS exchange servers hosted on our network and Firewall rules, Email filers and NAT configured on our Sophos XG to forward mail to our servers. Recently end users would have reported not receiving certain emails. This is random. After looking at…

Hi, We are getting "Invalid Traffic" in Log viewer for some Ports from DMZ to WAN. The firewall rules are configure correctly, can anybody help to resolve the issue. Thx, Ashfaq

on SFOS 18.5.4 and 19.0.1 we still notice that Admin Audit logs in Logviewer are not showing all changes admins make on the system. Example: anything you do with IPS policies is not logged. Adding, changing, deleting other example: IPSec Site…

Hi I'm migrating my UTL9 Home to FW 19.0, nearly complete but have a few niggles to sort out. One of them is the log viewer. It doesn't seem particularly quick and is quite chunky. Is there another view or config that can be done to provide the…

Hi, We're seeing repeated but inconsistent log entries with the bytes sent in the 4GB region. We use Fastvue and these incorrect bytes values mess with our reporting and make it hard to track down actual high bandwidth users. Some users are reported…

Hello, Since installing the latest version of SFOS Firmware 19.0.0 GA-Build317, I found that reports they are no longer functional since 2022-07-29 13:12:22 , how I should do to solve this problem , this is the first time I have encountered this kind…

hello I have server with SFOS v19, I am confused about log viewer. I think that it always show only logs in 10 minutes window. I tried to change time filter (all records ,last 4 hours, 60 minutes, etc.) but it doesn't work . I can only view firewall…

Good day, at the moment we have a lot of shity traffic going on , mostly from Russia and its lovely friends . Right now I ´ ve seen that there are p ackages without origin-port and destination-p orts in the Log Viewer . Whys that ? Never had this…

Hello, I am running XG FW firmware version 19.0.0. Log Viewer is no longer showing current entries for all categories. The last entry logged was on 1/26/22. I've checked log settings and disk space and everything looks correct. I also have…

hi all, got an xgs firewall but when i go to "log viewer" from the home page to see live logs, all i can see is "src ip" to "dst ip" is there a way to see the "src ip" to "dst url" if i cant do it via the gui, is there a way to do it via terminal…

Hi, is it somehow possible to get the live viewer filter correctly including the first dot? This is still not working. Any workaround? Already asked this unanswered in 2020: https://community.sophos.com/sophos-xg-firewall/f/discussions/123796/live…

Hello from Germany, I am trying to wrap my brain aroud the following situation: I have a rule that allows access to an NTP server to anybody (# 61, rule says ACCEPT, see below) I have IP Cameras which should not be allowed to reach outside…

how to delete all log viewer in sopho s xg 330 ( web filter -application filter - firewall ) not Reports