Proposal for improvement on Sophos XG logs: in the display of logs, automatically show the service and IP declared in "hosts and services" to improve readability. And improve interactions with declared objects. This means that when a port number is entered…

Hey, this noon our entire network crashed for a couple of minutes. All i can see in our sophos portal is, that the "Sessions" graphs at the Control center --> "SSL/TLS" and "Network" spiked unusually high shortly before this outage happened. (see…

Hi all, we have a lot of firewalls in a Partner Central console. I can see all the necessary alerts by selecting "Alerts" in the "My Customers" section in the left-hand menu. BUT I am searching for a way to monitor just specific alerts for specific…

Good Day! I have error on my XGS4300 HA config Active-Passive. Service name Status LoggingDaemon DEAD xgs-healthmond STOPPED

Hello, I logged into my Sophos XG firewall this morning and noticed that the LoggingDaemon/Garner service is dead. I tried restarting it from command line and of course it would not start. I started digging through related threads on this forum, but I…

Please someone can help me with sample sophos logs.

Our Sophos XG430 logs only two days backwards. That's way too small. How to increase the amount of days that will be logged?

Guys, has anyone had success using grafana/zabbix with Sophos in version 19.5? I found little information about sophos and zabbix, a lot of material was developed for version 18, which is no longer functional, Sophos support nobody can help. Can anyone…

I'm trying to locate the logfile that would track the firewall's own client dhcp request over a WAN connection when trying to get an ip from a Cradlepoint modem? My XG210 (SFOS 19.5.1 MR-1-Build278) is having trouble, but when I connect my laptop to the…

I have used WinSCP with my XG firewall to read the logfiles because I'm not a linux propeller-head guru. Now I'm having an odd WAN dhcp problem on my new XGS firewall, when I go to the logs up pops a dialog box saying /logs/tslog is empty. What's up with…

With using the XG as DNS responder, is there a logfile that is recording the requests? By looking at Log file details - Sophos Firewall none of those files contain the actual logging of the requests and respondses.

Hi folks, I know when this is issue started, but do not understand why? There is another thread asking for assistance to block X-VPN which I added to my block list because it was bypassing the block VPN and tunnel filters. The device affected is…

Hey guys. I would like to know if anyone knows or if there is any document that talks about the consumption of bandwidth that the Sophos firewall consumes for sending logs and reports to Sophos Central. I would like to know the average consumption…

Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Sophos Central Registration…

My WAN has been down for hours but the DDNS logs show the updates are successful. And the firewall logs show success for DNS lookups. How can that be?

Hey there, im quiete new to thes Sophos Firewall., I have a Problem.: I created a rule that a client is able connect to a Server in a diffrent V-Lan. On the Server Logs i can see the Traffic from the Client . As source IP, the Gateway IP is listed…

I need to extract or download a daily report, of the time and schedule that users are connected to the vpn ssl. You can get traffic per user, but not the time data. If we enter the user file, this data is indeed there. But it has to be entered manually…

I've successfully configured our XG Firewalls to push logs to our SIEM solution which works well, though when trying to trace source of DNS requests I can't find anything logged either locally on the XG, or anything on the SIEM other than a UDP port 53…

Hi folks, in my daily reports I see an entry for "Proxy and Tunnel', searching the log viewer - web - category for Proxy and Tunnel returns no record found. And if you review applications under "Proxy and Tunnel" that also return no record…

Hi, We use SNMP to monitor interface utilisation on a XGS 107 [firmware 19.5.0]. The XGS recently lost power and the SNMP Interface ID number changed when the power was restored. My SNMP server had to rescan the XGS to learn the new SNMP Interface ID…

Running SFOS 19.5.0 GA-Build197 How to enable SNMP via WAN port? I have enabled: System > Administration > Device Access > SNMP on WAN and LAN There is no response to SNMP queries from the WAN. However, it works fine in LAN. What else needs to…

Dear Team, I am facing an issue. I want to collect logs using the elk stack. When I downloaded and extract elk-agent on sophs and try to install the agent it gave me an error. show Permission Denied. Please see the attachment for references. Kindly…

Hi. does anyone know if there will be an integration or access to log files from the UI at some point? It's getting annoying that UTM is discontinued and nothing of the essential features is taken over.

Hi, I have firewall xg230,I want know who opened Facebook website in last month. I want detalid steps and view detalid result. Regards,

Just noticed several logged entry for user's traffic without any Out interface The screenshot below is an example. The user is the same and its traffic is using the same firewall rule 11 but the bottom three lines have the port2 as out interface but…