Hi, I have an XG125w (and before that am XG106) with SFOS 18.5.1 MR-1-Build326. When I go to the log viewer, Application Filter tab, the log is empty, It has always been empty, even with the XG106. I checked my firewall rules and they are all set to…

Hello from Germany, I am trying to wrap my brain aroud the following situation: I have a rule that allows access to an NTP server to anybody (# 61, rule says ACCEPT, see below) I have IP Cameras which should not be allowed to reach outside…

how to delete all log viewer in sopho s xg 330 ( web filter -application filter - firewall ) not Reports

Hi all, Puzzled at why the XG210 is rejecting some packets. I've read the forums, could this related to conn_track? This is so strange. On v18.5

Rule is getting Denied, even though policy is created. And Logs shows the message "Could not associate packet to any connection."

Hallo, wir sind kürzlich von SG auf XG umgestiegen und haben nun zum ersten Mal den Fall, dass jemand eine Regel bearbeitet hat, dabei aber etwas angepasst, was nicht sein sollte. Was zuvor aber drin stand kann die Person nicht sagen. Bei der…

Hello, we have several devices running (SFOS 17.5.15 MR-15) that are with Log viewer / System log empty. Doe someone has ideia about fix it ? is it a know issue!? regards Carlos

We just received an alert from an upstream SG UTM Firewall that the downstream XG firewall was blocked by SG due to ATP. This is DNS traffic towards namecheap DNS servers. Probably for for718-whileteam__heldlead__com (__ is a dot .) 2021:04:09-13…

Whenever I check the log viewer, it is full of messages like Appliance Access 255.255.255.255 denied. I understand that is access to 255.255.255.255 is blocked by design. I recently created a syslog server and sending XG logs to it. The logs are full…

Hello there are lot of threads how to deactivate those rule 0 invalid messages in logviewer which seems to be common in XG. But even with rules i.e. web browsing, there are still those messages. Is this a bug? Also this is misleading because the messages…

I have this rule And this is what the log looks like, the entire log doesn't fit but there is not a single droped connection on it. Why is this? Is a bug or what is the problem?

Hi; Is it possible to export the log viewer to the dhcp logs that appear in the Log Viewer. date - based. 2018-10-16 23: 08: 27SYSTEMmessageid = "60020" log_type = "Event" log_component = "DHCP Server" log_subtype = "System" status = "Renew" leased_ip…

Much like this post, https://community.sophos.com/products/xg-firewall/f/logging-and-reporting/98950/how-to-log-dropped-firewall-http-s-traffic , I'm noticing that since upgrading to v17 that the log viewer doesn't show all of the blocked traffic. Is…

As per the example below: Log viewer -- fw_rule_id="4" Log viewer -- IPv4 Bypass (ID: 5) 2018-08-12 19:01:59Web Filtermessageid="16001" log_type="Content Filtering" log_component="HTTP" log_subtype="Allowed" status="" fw_rule_id="4" user=…

I am unable to find the logs for the remote SSL vpn users on the reports dashboard. I am able to find only the username and internal ip the sophos xg has issued to the user. I cant see time, date of connection including what public ip address from where…

Hello, I am looking for a way to dump all of the admin logs. If I am in the GUI log viewer, the section titled 'Admin' is what I am looking for, but I want those logs going back further than the GUI provides. I have looked in the /log directory from…

Hey Community, In the Log Viewer, an administrator may notice when using the quick filter that log entries outside the set range of time will also be displayed. This article explains the quick filter's behavior.. This KB article explains the quick filter…

Hello Everyone. I posted few month ago that a "clean up rule" so common on competitive firewalls cannot be on Sophos XG, without causing reporting issues. Here: https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/98440/clean-up…

I can't remove the logs even after flush/purge the reports. Why? it's possible to do it? By the way ATP logs are enable in the settings but don't appear in the logs even with I filter, do I have to enable the log in the LAN->WAN firewall rule? or…

Hi folks, appreciate your help in advance. I have an XG85 running SFOS 17.0.2 MR-2. It is set up to send logs to a Syslog server I set up just yesterday. [ https://i.imgur.com/BoNeNsB.png] [ https://i.imgur.com/0h1MnvD.png] That server is receiving…

Hi all, Having trouble getting this to log dropped traffic. This is only a testing environment, for me to play around in. I've installed XG 17.0.1 on a VMware. I'm trying to get similar functionality as UTM 9 but not having much luck. Currently, the…

Hi All, I am wondering is there any way to extend the firewall real time live logs from Log viewer. I noticed that currently I could only view for past around 10 mins time. I have a customer who is requesting if this is possible. Thank you…

Hello again! So I came home to find my Sophos XG Firewall completely turned off. After cold booting it 2 times it finally spoke to me again. In search of any log files which may give me a clue, I found the advanced shell and with it the following…

Hey Guys, i was wondering if i am blind or just plain stupid. But i am searching for the PPPOE Logs from a few day's ago. Is it possible to show older logs for eg. the pppoe in the web gui? I just can see log files from today when i use the "time…

Sites that are not categorized fit into one of these categories: (1) a legitimate enterprise that is too small to get noticed by the categorization service, (2) a malicious enterprise that changes its domain name regularly to evade categorization, (3…