I'm a beginner on Sophos UTM and I'm wondering where is the DNS log file where I can find all the logs regarding the requests that have been done between my Firewall Sophos and the DNS server.
Hi antonio guevara,
Thank you for reaching out to the Community!
Check out the following document for log name and service locations: Sophos UTM: Log names and service locations.
You can check the named…
You can check the named.log as well as packet filter logs for the DNS queries. Did you select Log unique DNS requests under > Network Protection > Firewall > Advanced > Logging Options > Log unique DNS requests?
Log unique DNS requests: Sophos UTM will log all outgoing requests to DNS servers and their outcome. The log records are marked by the string "DNS request
Community Support Engineer | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts If a post solves your question use the 'Verify Answer' button.
Salut Antonin and welcome to the UTM Community!
If you're looking for the FQDNs for which name resolution was requested, I don't know of a way to see that other than by doing a packet capture.
Cheers - Bob
Thank you for sharing with me this document. I found it there!
I didn't select Log unique DNS requests, that's why I can't see a bad resolution from my DNS that are located in another network?
Thank you for your answer.