Hi,
I have a problem with logs: they are not updated live. I can't see any logs any more. Support told me it may be a hard drive failure or the capacity filled up. I tried to purge all old logs but it doesn't work either.
console> sys dia show disk
Partition…
Can someone please help me! I have been having issues lately with my Sophos XG 330 rev.2 Firewall. First off, I have had a complete system crash where I had to completely re-install firmware (the system reboots to "fail safe mode"). Next I keep randomly…
Hi, I have tried opening a support ticket as well as searching on these forums but I cannot seem to get a straight answer. I'm using an XG450.
With Covid making work from home mandatory for a lot of employees, management is now asking me to produce…
Hello everyone,
I have some doubts about the Sophos reporting and how it classifies the traffic by zones. Currently I have configured these zones:
- WAN
- DMZ
- VPN.
Our firewall was configured to publish services through DNAT rules and SNAT with…
Hi!
I recently set up our Sophos XG Firewall, and everything is working beautifully! However, today we've run into an issue with the "Mail Logs" within Protect > Email. Previously we used to be able to go into that tab, and it'd tell us every email…
Dear All,
I have configured a DOS policy and I can see the packets dropped by the DDOS, but where can I see the logs?
I tried to find them in the IPS, System and Firewall logs but no luck. Please help.
Hi @ All,
I have just had the following not-so-funny experience.
The following rule should block all TCP80 and TCP443 traffic from some selected countries to the following WAN Interface IP (xxx.xxx.84.37).
Now, according to the logs, however…
I would like to ask if anyone has successfully let McAfee ESM (SIEM) get logs from XG210. What should the Data Source Model and Data Format be?
My situation is ESM gets logs from XG210 but as "Unknown Event".
ESM: V10.3
XG210: AP Firmware 11.0
Hi all,
I have a problem with the crreport.
The service is dead.
console> system diagnostics show subsystem-info
SERVICE      STATUS
=====================================
lcdd         UNTOUCHED
ConfigDB     RUNNING
SigDB        RUNNING
ReportDB     RUNNING
crreport     DEAD
SMTPD…
Hello, I am looking for a way to dump all of the admin logs. If I am in the GUI log viewer, the section titled 'Admin' is what I am looking for, but I want those logs going back further than the GUI provides.
I have looked in the /log directory from…
Hello Everyone. I posted a few months ago that a "clean up rule", so common on competitive firewalls, cannot be on Sophos XG without causing reporting issues.
Here: https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/98440/clean-up…
I can't remove the logs even after flushing/purging the reports. Why? Is it possible to do it?
By the way, ATP logs are enabled in the settings but don't appear in the logs even when I filter. Do I have to enable the log in the LAN->WAN firewall rule? Or…
Hello,
does anyone know whether it is possible, on a UTM (in our case with 7 Site2Site tunnels), to report the current bandwidth usage per tunnel?
We keep running into performance bottlenecks (not a problem with the devices themselves but with the presumably…
Hi All,
I am wondering if there is any way to extend the firewall real-time live logs from Log viewer.
I noticed that currently I can only view around the past 10 mins.
I have a customer who is requesting if this is possible.
Thank you…
So far I've tried to establish 2 site-to-site IPSec tunnels and neither have been successful - both have been painful to be obvious. And time consuming.
The level of detail from the LogViewer is just not acceptable to diagnose and troubleshoot these…
Hi,
Has anyone here tried or purchased Fastvue reporter for Sophos XG? How was your experience if you've done or are currently conducting the 30-day trial? Is it worth the payment for those who paid for the full version?
Please let us know any feedback…
Hello Sophosers,
I need to dig a little deeper into traffic and data usage on XG. There are hardly any traffic reports or possibility of custom reports for VLANs. I know the XG is more user oriented and I can get this information per user or group,…
Hi all,
I have been facing issues with getting snmp working for me. I have done the following:
- Allowed SNMP on BOTH LAN and WAN under Device Access
- Created an any to any firewall rule allowing snmp ports (161 and 162)
- Deployed the cacti…
How do I check the amount of data being consumed in the following three situations:
- in automatic definition and pattern updates
- in syncing the logs and reports to iView
- in the syncing of configurations, logs and status to the sophos firewall…
Hi all,
Does anyone know if there is a way to view more details on when someone has attempted to access a website that is blocked? In the blocked web attempts it shows up the domains and the IP addresses but I'm looking for a more in-depth report on…
Sites that are not categorized fit into one of these categories: (1) a legitimate enterprise that is too small to get noticed by the categorization service, (2) a malicious enterprise that changes its domain name regularly to evade categorization, (3…