• Question about Classification and Category and reporting?

    rfcat_vk
    rfcat_vk
    Hi folks about 4 months ago I asked a similar question and the answer did not clarify the issue. https://community.sophos.com/sophos-xg-firewall/f/discussions/137860/classification-question I see a number ICMP items reported in the daily reports…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Bug: Can I exclude domains from being logged?

    DS7109
    DS7109
    Using SFOS 19.5.1 MR-1-Build278 (SFVH (SFOS 19.5.1 MR-1-Build278)) Is it possible to exclude logging certain domains to declutter the logs. Things like outlook.com or Apple.com, or the huge number of tracking/analytics domains. I’ve tried setting…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • how to get firewall log to wazuh dashbaord

    darkfox
    darkfox
    can any one reply me how to send the firewall xg 115 syslogs to wazuh dashboard? please!
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Proposal for improvement on Sophos XG

    Franck LUDJET
    Franck LUDJET
    Proposal for improvement on Sophos XG logs: in the display of logs, automatically show the service and IP declared in "hosts and services" to improve readability. And improve interactions with declared objects. This means that when a port number is entered…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • identify spikes in traffic, ssl/tls and sessions before outage

    Maximilian Mätschke
    Maximilian Mätschke
    Hey, this noon our entire network crashed for a couple of minutes. All i can see in our sophos portal is, that the "Sessions" graphs at the Control center --> "SSL/TLS" and "Network" spiked unusually high shortly before this outage happened. (see…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Monitoring of multiple firewalls

    Denis Christov
    Denis Christov
    Hi all, we have a lot of firewalls in a Partner Central console. I can see all the necessary alerts by selecting "Alerts" in the "My Customers" section in the left-hand menu. BUT I am searching for a way to monitor just specific alerts for specific…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • LoggingDaemon DEAD ((SFOS 19.5.1 MR-1-Build278) )

    Joemar Dela Cruz
    Joemar Dela Cruz
    Good Day! I have error on my XGS4300 HA config Active-Passive. Service name Status LoggingDaemon DEAD xgs-healthmond STOPPED
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SFOS 19.5.1 MR-1 LoggingDaemon / Garner service DEAD

    Corey Carpenter
    Corey Carpenter
    Hello, I logged into my Sophos XG firewall this morning and noticed that the LoggingDaemon/Garner service is dead. I tried restarting it from command line and of course it would not start. I started digging through related threads on this forum, but I…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Hi, can somebody please post Sample sophos logs ?

    aditi verma
    aditi verma
    Please someone can help me with sample sophos logs.
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall Log Size

    drimalski
    drimalski
    Our Sophos XG430 logs only two days backwards. That's way too small. How to increase the amount of days that will be logged?
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Grafana Zabbix - Sophos v19.5

    Ronaldo de Moura
    Ronaldo de Moura
    Guys, has anyone had success using grafana/zabbix with Sophos in version 19.5? I found little information about sophos and zabbix, a lot of material was developed for version 18, which is no longer functional, Sophos support nobody can help. Can anyone…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Log file containing dhcp client requests?

    MarkThornton
    MarkThornton
    I'm trying to locate the logfile that would track the firewall's own client dhcp request over a WAN connection when trying to get an ip from a Cradlepoint modem? My XG210 (SFOS 19.5.1 MR-1-Build278) is having trouble, but when I connect my laptop to the…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS logfiles unavailable with WinSCP?

    MarkThornton
    MarkThornton
    I have used WinSCP with my XG firewall to read the logfiles because I'm not a linux propeller-head guru. Now I'm having an odd WAN dhcp problem on my new XGS firewall, when I go to the logs up pops a dialog box saying /logs/tslog is empty. What's up with…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • DNS logging of resolutions against XG dns configuration

    Stefan B
    Stefan B
    With using the XG as DNS responder, is there a logfile that is recording the requests? By looking at Log file details - Sophos Firewall none of those files contain the actual logging of the requests and respondses.
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG randomly classifies traffic as X-VPN - why?

    rfcat_vk
    rfcat_vk
    Hi folks, I know when this is issue started, but do not understand why? There is another thread asking for assistance to block X-VPN which I added to my block list because it was bypassing the block VPN and tunnel filters. The device affected is…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Central Firewall Manager Average Bandwidth - Info

    Gib GoDesk
    Gib GoDesk
    Hey guys. I would like to know if anyone knows or if there is any document that talks about the consumption of bandwidth that the Sophos firewall consumes for sending logs and reports to Sophos Central. I would like to know the average consumption…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall: Quick and easy configuration of Sophos Central Reports

    Vivek Jagad
    Vivek Jagad
    Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Sophos Central Registration…
    • over 1 year ago
    • Sophos Firewall
    • Recommended Reads
  • WAN Down but logs show DDNS updated and DNS lookups successful

    Brian1941
    Brian1941
    My WAN has been down for hours but the DDNS logs show the updates are successful. And the firewall logs show success for DNS lookups. How can that be?
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Source IP is Gateway IP

    Stefan Harms
    Stefan Harms
    Hey there, im quiete new to thes Sophos Firewall., I have a Problem.: I created a rule that a client is able connect to a Server in a diffrent V-Lan. On the Server Logs i can see the Traffic from the Client . As source IP, the Gateway IP is listed…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Time log for SSL VPN connection users.

    Lluis Bigordà
    Lluis Bigordà
    I need to extract or download a daily report, of the time and schedule that users are connected to the vpn ssl. You can get traffic per user, but not the time data. If we enter the user file, this data is indeed there. But it has to be entered manually…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG DNS Logging and offload to SIEM

    dm4884
    dm4884
    I've successfully configured our XG Firewalls to push logs to our SIEM solution which works well, though when trying to trace source of DNS requests I can't find anything logged either locally on the XG, or anything on the SIEM other than a UDP port 53…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WEB reporting - bug

    rfcat_vk
    rfcat_vk
    Hi folks, in my daily reports I see an entry for "Proxy and Tunnel', searching the log viewer - web - category for Proxy and Tunnel returns no record found. And if you review applications under "Proxy and Tunnel" that also return no record…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS on 19.5.0 and SNMP Interface ID

    Col Haisell
    Col Haisell
    Hi, We use SNMP to monitor interface utilisation on a XGS 107 [firmware 19.5.0]. The XGS recently lost power and the SNMP Interface ID number changed when the power was restored. My SNMP server had to rescan the XGS to learn the new SNMP Interface ID…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • How to enable SNMP via WAN on Sophos XG v19.5

    sneader
    sneader
    Running SFOS 19.5.0 GA-Build197 How to enable SNMP via WAN port? I have enabled: System > Administration > Device Access > SNMP on WAN and LAN There is no response to SNMP queries from the WAN. However, it works fine in LAN. What else needs to…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos logs send in ELK stack using elastic agent

    Nilanjan Dey
    Nilanjan Dey
    Dear Team, I am facing an issue. I want to collect logs using the elk stack. When I downloaded and extract elk-agent on sophs and try to install the agent it gave me an error. show Permission Denied. Please see the attachment for references. Kindly…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>