Hello, I have been testing the use of clietless access VPN with a customer and we found that there's not info on the reports for this VPN. We are using those bookmarks to give access through RDP to some servers. Alls the bookmarks works and the users…

Hello, I'd like to collect and analyze the wireless logs. Older accesspoints send in nice logs like this one: 2020:11:11-17:13:01 <AP_ID> awelogger[9274]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="mySSID" ssid_id…

I'm trying to find out the (historic) source public IP address of a user who has been connecting to the Sophos SSL VPN on a Sophos XTM firewall. In the firewall logging I can find all the info for this user after he has connected, but the only way I can…

I created and deleted some local users on XG. Logging for creation is OK - I can see who created a user and see the username of the new user. When deleting, the user name field is empty and the usernames that had been deleted are not logged. It just…

Hello Team, I have tried to use the packet Filter option with multiple combination like IP address, Port, protocol but it doesn't filter/display any result. Can I have some information regarding how exactly it is working and can I have some example…

Hi; Is it possible to export the log viewer to the dhcp logs that appear in the Log Viewer. date - based. 2018-10-16 23: 08: 27SYSTEMmessageid = "60020" log_type = "Event" log_component = "DHCP Server" log_subtype = "System" status = "Renew" leased_ip…

Hello, I am a sophos partner and one of my potential clients is consulting me if you can integrate sophos reports with an external tool. I was reading several links of the community and several KB. Try the Python script but still not much information…

I am unable to find the logs for the remote SSL vpn users on the reports dashboard. I am able to find only the username and internal ip the sophos xg has issued to the user. I cant see time, date of connection including what public ip address from where…

Hello, Does anyone know a a scriptable way to retrieve the system/event logs of the firewall? please let me know some automated method. thanks

Hi all, I trying integrate sophos XG with iView (SIVOS 03.01.2) , but nothing is sent to iView by XG ( SFOS 17.1.0 GA) . My configuation: iView: XG: what happened?

Wow....I have a much faster internet connection that I could possible imagine...and one that would have 99.9% of the worlds population in envy! Never even knew I had a connection that was 214TB :) Joking aside - is there anyway to be able to fix the…

I'd like to get a feel for what applications are being used on the network but it seems the Application log only shows what is blocked. Is there any way to monitor application usage without actually blocking them?

Hello, I am looking for a way to dump all of the admin logs. If I am in the GUI log viewer, the section titled 'Admin' is what I am looking for, but I want those logs going back further than the GUI provides. I have looked in the /log directory from…

Hi Guys, I am new to Sophos XG Firewall and currently i am working to integrate Sophos XG with OSSIM for security event monitoring (SIEM). I am able to forward all logs to the OSSIM but there is one more logs that i can not send to the SIEM, yes it…

Hey Guys I've enabled outbound spam filtering on my XG 115W firewall as I was ending up on email blacklists. I've also got an Exchange 2010 server running behind the firewall. I'm getting some weird outgoing email traffic in my XG firewall. In the…

I can't remove the logs even after flush/purge the reports. Why? it's possible to do it? By the way ATP logs are enable in the settings but don't appear in the logs even with I filter, do I have to enable the log in the LAN->WAN firewall rule? or…

Hello, Since the 17th of March, I have an issue with iView. Before the 17th March the "Allowed Traffic Overview" was working well and the "App Risks & Usage" report too. But since the 17th March, the "Allowed Traffic Overview" is empty, and the "App…

XG SFVH (SFOS 17.0.6 MR-6) Win10 Hyper-V (1709) XG guest has 2 vCPU, 4GB RAM, 127GB vHDD, 2 vNICs in XG1 guest mapped to separate physical NICs on host. WiFi includes 2@ AP15, running main and guest networks, both registered and working fine. In System…

XG230 running 17.5 MR5. I want to be able to see traffic aimed at our 2 external IPs. In a previous position I had installed an ASA5508 and would see traffic on the external interface that was denied. Everything from login attempts to IP spoofing. I would…

I'm currently backing-up my justification to increase our internet bandwidth. I need to get the average Network usage(a span of 1 year) from 8:00-18:00(work hours) rather than the 24 hour period presented in the graphs. Does anyone know how to export…

I recently had to troubleshoot a users machine in which, uploading to an "online cloud storage solution" (S3, Dropbox, OneDrive all did it) caused the machine to freeze ( the hang time was determined by the filesize ) when browsing to select the file…

Hi folks, appreciate your help in advance. I have an XG85 running SFOS 17.0.2 MR-2. It is set up to send logs to a Syslog server I set up just yesterday. [ https://i.imgur.com/BoNeNsB.png] [ https://i.imgur.com/0h1MnvD.png] That server is receiving…

Hello guys, i builded an new active - active cluster with my two XGs. Now I have one question: The Network traffic is going through both devices. But now I want to see the reports of my Network traffic from both Appliances. In the Reports Tab of the appliance…

We've had management ask for detailed VPN reports for some of our users, and are having a hard time delivering what they want. If I navigate to Reports>VPN>SSL VPN, I can get a report of what users connected, how many times they've connected, and how…

Hi all, Having trouble getting this to log dropped traffic. This is only a testing environment, for me to play around in. I've installed XG 17.0.1 on a VMware. I'm trying to get similar functionality as UTM 9 but not having much luck. Currently, the…