Browse By Tags

I am trying the below code to delete the user with the api url given REF_AaaUseTest but i am getting the response of confirmation and how can i proceed further or how can i give further input for that response to delete the user? import requests import…

Good afternoon! I am new to sophos and we are trying to test out the endpoint protection. I was able to get the plug-in installed. I was able to get the permissions corrected to allow the API to stay connected, but now I can not sync. This is with our…

I've made a request to IBM for official integration between Sophos Central and IBM QRadar SIEM. If you have an interest in this please vote for the request at https://ibmsecurity.ideas.ibm.com/ . Idea: QDSM-I-1640.

Hello, I am currently looking to build a solution to scan S3 objects using Sophos engine. Based on my research it seems I have two options: - SAV-DI however it seems this solution is not going to be supported after march 2022. Also I didn't find what…

Hello, I am trying to use de api version 1800.2, i manage to get a list of users, but i want to have a list of open vpn connection (sslvpn) and beable to disconnect one if needed using the api. With regards, Richard

Could we get the ability to see and alter the logins attached to a user in sophos as highlighted below The reason I want to do this is due to a large number of duplicate users in our Sophos central estate because of how our Apple Macs show users as…

I wanted a way to auto update my letsencrypt certificates for use on my XG firewall and WAF rules. I developed this script to handle multiple certificates, and to be as dynamic as possible. The approach I took to achieve this is the following: 1) Within…

Hey Guys, i need to change a Firewall Rule with the API. I tried to many times and read the documentation, but i dont find the solution. my XML:<Request APIVersion="1800.1"> <Login> <Username>username</Username> <Password passwordform="plain…

Hi there, We're working with the Sophos Apis and we have created a client id and secret. We're using this access token to make requests and to manage devices, but the token expires 1hour after creation (as is expected). The response from this request…

We try to get a list of our tenants with curl.exe -XGET -H "Authorization: Bearer <jwt>" -H "X-Organization-ID: <organization-id>" api.central.sophos.com/.../tenants But the answer is { "error": "Internal Server Error", "correlationId": "a6f54b89-8590…

So I've been playing around with the api, I'm a bit of a novice at these things but have managed to get it to update the ipsec vpn details, my problem is that whenever I edit the settings it seems to deactivate the vpn, even if I set the activate on save…

Hi all, we are querying the firewall rule list from a v18.x Sophos with the following endpoint: /webconsole/APIController?reqxml=<Request><Login><Username>xxxxx</Username><Password>xxxxx</Password></Login><Get><FirewallRule/></Get> Does anyone…

Hello, I've just started testing the XML API and this really looks Awful. This is stated in the documentation: docs.sophos.com/.../index.html Status Message Information : Operation Status Message Add IP Host 200 Host "<DynamicValue…

Hi, We would like to retrieve the list of firewalls. The same as this one: https://cloud.sophos.com/manage/partner/firewall/assign/managed I don't think it's possible yet. Regards, Greg

TL;DR I'm trying to query the list of tenants using the Partner API in Azure Data Factory (ADF). The pagination functionality within ADF relies on there being some sort of reference to the next page in the response to the current page, which isn't the…

Hi Every time I change a firewall rule using SFOS 18.0.5 MR-5-Build586 API, it keeps removing the firewall rule from its original Firewall Rule Group. Actually, the Firewall Rule Group is nowhere mentioned, when you query all your Firewall Rules directly…

Hello Community, I trying to delete Unicast Route via API call without any success. This is my request: <Request> <Login> <Username>user</Username> <Password passwordform='encrypt'>my-pwhash</Password> </Login> <Remove> <UnicastRoute> <DestinationIP…

Hi, I am setting up some XG firewalls that are integrated in central. What is the best way to transfer parts of the configurations from one firewall to the other? I am thinking of some templates regarding host and network definitions, policy definitions…

Hello Community, is it possible to configure the xfrm Interfaces via API calls? I need to setup Nane, IP-Address and Netmask. Thanks, Ben

Hi, I can see in the documentation that you can POST data about the contact when you create a new tenant. I don't see in the documentation how to retrieve the "contact" information for a specific tenant. Do you plan to expose this kind of data through…

Bonjour Je suis un etudiant j'ai en cours de developper un firewall pour bloquer une adresse IP j'ai integrer sophos XG avec splunk Entreprise et j'ai un probleme de developper un code XML ou de savoir les commandes utiliser pour bloquer une adresse…

Hi, do you have expierence with Power BI queries to Sophos Central API? I would like to have a query which client hostnames are protected, inactive, online ... I've created token in Sophos Central and also have the clientID and the secretID but I don…

Good morning all I am having a problem with the sophos API. Every time I run my script I get an "Authentication Failure" and I suspect there is a password problem but I can't find the correct password. I think I have successfully recovered the user…

Disclaimer: Please contact Sophos Professional Services if you require assistance with your specific environment. If you’re using Sophos' default SIEM integration script and would like to select the types of events you’re retrieving, perhaps you don…

Hello Community, I build a script to delete firewall rules. The script works as expected with one exception. If I try to delete the '#Default_Network_Policy' I receive the error message: 529 Input request file is Invalid. What is the trick to delete…