Greetings good afternoon community team I have a question In the log viewer I see blocked attempts to access some websites with Category "Sexually Explicit" I want to search for older logs but the log viewer only gives me data up to 2 days ago, I…

Hi everyone, one of our customers is experiencing a strange problem, the logs are saying that traffic is denied but well its working, so i guess its a problem with the loggin daemon? Here it says that the traffic is denied and the reasons are always…

Hi folks, what does the blue color mean in log viewer? Can't find it in the documentation. Regards Gero

Hi, I have rule 5. It's a DNAT from the WAN IP 188.175.113.182 in to the network to the VoIP server. If I look in the LOG, I see the following: The first line does correspond to rule 5, but what do the other lines mean? They are also marked…

Is it possible to filter more than one port in the log viewer? I am trying to find some specific traffic and i want to exclude both 443 and 123 but I cant seem to stack the filters. Thanks!

(simple ANY rule with a lot of traffic -> should be in LOG)

Is it normal that in the FW Logs is sometimes a zone entry and sometimes not? The FW should in any case know what zone the paket comes from/to.

Hi, I'm having trouble with the WAF, XGS 2300 v19.5.1 I add the webserver web .xxx.xxx - it has policy ID 129 . But if I go to web .xxx.xxx in the log it shows that web.xxx.xxx has policy ID 43 . I get a 503 error But the policy ID 43 is spsluzba.xxx…

Just noticed several logged entry for user's traffic without any Out interface The screenshot below is an example. The user is the same and its traffic is using the same firewall rule 11 but the bottom three lines have the port2 as out interface but…

We have MS exchange servers hosted on our network and Firewall rules, Email filers and NAT configured on our Sophos XG to forward mail to our servers. Recently end users would have reported not receiving certain emails. This is random. After looking at…

Hello, I've installed SFOS 19.0.1 MR-1-Build365 in my environment I have 3 interfaces - WAN, LAN and DMZ and selected ICMP enabled for both LAN and DMZ interfaces in Administration -> Device access tab In each zone i have installed test host which…

Hi, We are getting "Invalid Traffic" in Log viewer for some Ports from DMZ to WAN. The firewall rules are configure correctly, can anybody help to resolve the issue. Thx, Ashfaq

on SFOS 18.5.4 and 19.0.1 we still notice that Admin Audit logs in Logviewer are not showing all changes admins make on the system. Example: anything you do with IPS policies is not logged. Adding, changing, deleting other example: IPSec Site…

Hi I'm migrating my UTL9 Home to FW 19.0, nearly complete but have a few niggles to sort out. One of them is the log viewer. It doesn't seem particularly quick and is quite chunky. Is there another view or config that can be done to provide the…

Hi, We're seeing repeated but inconsistent log entries with the bytes sent in the 4GB region. We use Fastvue and these incorrect bytes values mess with our reporting and make it hard to track down actual high bandwidth users. Some users are reported…

Due a log investigation, we have discovered a leak in the firewall policys. If you set a rule with simply complete drop & log from a source to WAN zone, Traffic with destination Ports 80/443 will be allowed. So the traffic flows to the integrated proxy…

Hello, Since installing the latest version of SFOS Firmware 19.0.0 GA-Build317, I found that reports they are no longer functional since 2022-07-29 13:12:22 , how I should do to solve this problem , this is the first time I have encountered this kind…

hello I have server with SFOS v19, I am confused about log viewer. I think that it always show only logs in 10 minutes window. I tried to change time filter (all records ,last 4 hours, 60 minutes, etc.) but it doesn't work . I can only view firewall…

Good day, at the moment we have a lot of shity traffic going on , mostly from Russia and its lovely friends . Right now I ´ ve seen that there are p ackages without origin-port and destination-p orts in the Log Viewer . Whys that ? Never had this…

Hello, I am running XG FW firmware version 19.0.0. Log Viewer is no longer showing current entries for all categories. The last entry logged was on 1/26/22. I've checked log settings and disk space and everything looks correct. I also have…

hi all, got an xgs firewall but when i go to "log viewer" from the home page to see live logs, all i can see is "src ip" to "dst ip" is there a way to see the "src ip" to "dst url" if i cant do it via the gui, is there a way to do it via terminal…

We have a XGS2100 (SFOS 18.5.2 MR-2-Build380) When I use Log viewer and use a Timer filter (any) it is only showing few minutes and gets in a loop I think this is a bug?

Hi, is it somehow possible to get the live viewer filter correctly including the first dot? This is still not working. Any workaround? Already asked this unanswered in 2020: https://community.sophos.com/sophos-xg-firewall/f/discussions/123796/live…

Hello I have a dobut with the log viewer in Firewall sophos XG: how can I see the traffic generated by the configured VLANs? I don't see any menu option to log the traffic of the rejected or allowed VLANs. the scenario is that I set up a bridge…

Hello All, I have created Web and Firewall Rule. When I check the Log Viewer for Firewall and Logs, For some reason Firewall ID does not show up in the Viewer. Can someone please let me know what step I might have missed or what to do? Help will be of…