Either locally or through Central, is there a way to perform 24/7 DNS logging from multiple SFOS 18 XGs that doesn't require tcpdump packet capture?
You could do this with Central EDR 3.0, assuming we are not logging all DNS requests in the Internet. Too much traffic.
Yes, the objective is a continuous log of all DNS lookups, including internal & external records, from all internal or VPN clients, including desktops, servers, network hardware, & BYOD, sent to each XG. In many cases it would not be possible for the client to run Sophos endpoint software. I just voted on this: https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/33110794-provide-searchable-dns-logs