• firewall logs - dest urls not ip address

    Sophos User1175
    Sophos User1175
    hi all, got an xgs firewall but when i go to "log viewer" from the home page to see live logs, all i can see is "src ip" to "dst ip" is there a way to see the "src ip" to "dst url" if i cant do it via the gui, is there a way to do it via terminal…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG 18.0.6 Logging of NAT Rules and DNS activity

    Paul McGinnie
    Paul McGinnie
    Running XG 18.0.6 on my own hardware. Short version: How do you log activity of: a) DNAT rule which diverts DNS to the Sophos LAN Port b) The DNS service itself I can do some packet capture, but the logging tool seems to ignore a DNAT rule terminating…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Admin Logs for XG330

    Cesar Henrique
    Cesar Henrique
    Hello everyone. I have a question about the Admin Logs for XG330. Our Admin Logs in the GUI shows only the logs of the current day. I need to check yesterday's log, but it won't appear. First question: is this normal? I don't check this log frequently…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Can't find firewall logs in AllXGLogs CLI dump

    JasP
    JasP
    I've done a CLI dump of all the logs but I can't find anything that logs firewall rule hits (like the firewall section of the GUI logs). What am I missing?!
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Reports not showing up

    Farshid
    Farshid
    Hi, We have 2 virtual Sophos Firewall in active-passive cluster up and running. When installing, I deployed OVF and before turning on VM and first boot configuration ( I mean creating report and config and signature partition ), I resized VM secondary…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Anti Spam logs?

    MarkThornton
    MarkThornton
    I am trying to find any log information as a result of "The Sophos Anti Spam Engine has blocked this Email because the sender IP Address is blacklisted" pop-over message that I see in the GUI when I hover over a REJECTED status in the mail logs. I tried…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Data transfer report inaccuracy

    Farshid
    Farshid
    Hi, I cannot retrieve accurate reports from on-box reporting. Data transfer report for specific user shows that user downloaded more than 9 GB today but application report shows 1.8 GB usage and web report shows 4 MB. I've checked all other reports…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • log live view: search for IP beginning with e.g. 10. including the dot . not 100.

    LHerzog
    LHerzog
    Hi, is it somehow possible to get the live viewer filter correctly including the first dot? This is still not working. Any workaround? Already asked this unanswered in 2020: https://community.sophos.com/sophos-xg-firewall/f/discussions/123796/live…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL VPN more detailed reports

    Jakub Kavka
    Jakub Kavka
    Hello, i need some more detailed VPN reports for our management and so far i cant find any way to do this. Best report so far i found via Sophos Central but its not exactly what i need. On firewall Reports / VPN / SSL VPN is basicly useless for me.…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Wrong Categories in reports

    MMASLOUH
    MMASLOUH
    Hello, i have an XG 230 running on SFOS 17.5.15 MR-15, but it keep show me a wrong category reports. For example it list the LDAP traffic as P2P app category and "P2P Client Torrent" for application.
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Reports : Show the used port

    MMASLOUH
    MMASLOUH
    Hello, The Reports Dashoboards show me lot of P2P and X-VPN between SSL VPN Clients and local servers, thing that i found it weird When i tried to find the port used between the user and server, it show me only the category. This is an example.…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • No Record Found on Web Report

    Gib GoDesk
    Gib GoDesk
    Hey guys. I went to look for web browsing logs and no record was found. It has marked in my firewall rules as well as the web filter to do logging. I do the policy test and see that it matches the correct firewall and web rule for browsing. Notice…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Reporting

    Ahmed Elbably1
    Ahmed Elbably1
    Hi everyone i'm asking about the difference between web authentication and client authentication regarding reports because my senior says it's necessary to use client authentication to get a clear report for users while i see that both are the same…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Web Protection - Report User-Agents

    Fritz Mester
    Fritz Mester
    Hej, Is there a way to create a report in Web Protection that shows all the user agents of the network devices on the network? I would like to make an evaluation of all systems of the last month. Thanks a lot.
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • High availablity TCP port 2600

    SGH
    SGH
    We have 2x XGS2100 (SFOS 18.5.2 MR-2-Build380) in High availablity in (Active-Passive) They have a Dedicated HA link Dedicated peer HA link IPv4 address 192.168.10.2 Dedicated peer HA link IPv4 address 192.168.10.1 When I look in Log viewer…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • My reports on dashboard disappear

    Alhassan Abubakar
    Alhassan Abubakar
    Please how can i get them back.
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Security audit report - "No record found"

    djb-sophos
    djb-sophos
    Hello, About three months ago, I scheduled two security audit reports to be emailed to me. They have been fine up until about a month ago. I'm not sure what happened, but the reports now have no results. All the sections are now blank / empty with …
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Missing option for interface up/down email notifications

    Bart van der Horst
    Bart van der Horst
    Hi, I've got two isp's and a site to site RB Tunnel to our branch office. I've configured two vpn tunnels and routing rules with differed metrics, failover if the primary tunnel fails works but we get no notification of this. The xfm interface is…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • 18.5.2 MR2-Build380 ERROR(0x03): Failed to migrate reportdb. Disabling On-box reporting.

    FMMario
    FMMario
    Upgrading my Sophos HyperV Firewall from SFOS 18.5.1 MR-1-Build326 to 18.5.2 MR2-Build380 posted this error during update routine. All works fine but trying to restart on-box-reports show this prompt Sophos Firmware Version SFOS 18.5.2 MR-2-Build380…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Bounced message errors, where are they, why are they unavailable

    MarkThornton
    MarkThornton
    I am very disappointed in the error reporting functionality of the XG v18 firewall. Actually, the error reporting just isn't useful at all. Today I have a bounced message due to certificate issue on the recipient end. But the only way I know that is a…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Search Engine Log

    Damacy500
    Damacy500
    Hello, I have a problem with the Sophos XG (SFOS 18.5.1 MR-1-Build326). It's about the search engine log. I have set everything in the policy as described in the instructions.( https://support.sophos.com/support/s/article/KB-000035785?language=en_US …
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SophosXG elasticsearch filebeat module not importing fields

    Samy Wee
    Samy Wee
    www.elastic.co/.../filebeat-module-sophos.html I am trying to use the sophos module that you seems to have contributed in elk stack. I followed the documentation at www.elastic.co/.../filebeat-module-sophos.html and was able to get the data into ES…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Rule Summary Report

    Vault Sec
    Vault Sec
    Hi all, every firewall rule has an easily readable summary on the right hand side for audits and the like. Is there a way to export all of these summaries in some kind of report? Are you aware of any other reports that could be useful for 3rd party…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG syslog messages id's v18.5

    Martijn Groenewegen
    Martijn Groenewegen
    i've got a deeplink to Messages (sophos.com) but i would like to get my hands on the current (18.5) version so i can find messages that our firewalls are logging right now so i can parse them for our siem. and while i'm asking this, it would be so…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Log Viewer history

    djb-sophos
    djb-sophos
    Log Viewer --> Authentication. I went to search for a user to find out when the last time they connected to the VPN. When I enter the username, nothing comes up. I enter my username, and I do see about 4 entries only. It seems I only have logs for about…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>