Jun 18, 2020 · Please look at sample messages below in screenshot : My Firewall settings: Facility : DAEMON. Sep 18, 2018 · Logs for DDOS blocked attack. The tbllog data is unable to update in the active. Sophos Firewall: Extract files from the Sophos Firewall. Make sure that your laptop does not go to sleep or hibernate. So in which location is the firewall traffic logged and where are logfiles of the former days? Thanks in advance for any comment. The level of detail from the LogViewer is just not acceptable to diagnose and troubleshoot these connections. Log Viewer is no longer showing current entries for all categories. Can anyone tell me how I can connect and view a log file for RED so we can tell what is stopping the RED from connecting? Click Archive logs and send it to Sophos once the data collection is done. Filter the logs in Log Viewer using the quick filter for 10 minutes' worth of data. 3 MR-3-Build408. This is a module for Sophos Products, currently it accepts logs in syslog format or from a file for the following devices: xg fileset: supports Sophos XG SFOS logs. It's about the search engine log. I configured some profiles to send the logs to the syslog server from sophos. Hello everyone, I am a happy system of a Sophos Firewall XG 18 X-Stream, which some nice bumblebee on Friday 08 August decided to brutally shut Feb 22, 2020 · Currently noted that the logs sended by Sophos XG on the syslog are stored in a single file named "SFW. You can view logs using the log viewer or the command-line interface (CLI). Andrew Conaway over 4 years ago. db is corrupted on the device. If you have a question you can start a new discussion. Mar 11, 2022 · Add a syslog server. 05. 5 MR-5-Build586 version. Set the Source type to “sophos:xg:logs” for UDP. Hi Fabian_ , Thank you for reaching out to the Community! The log viewer simplifies the raw logs. im wondering how someone is troubleshooting stuff where XG is in business (production) environment ^^ Thx for your patience and understanding. Jun 29, 2017 · Log DNS Queries. (for example web category, malware log, email log) I have opened a case for the issue, case ID: 7257832. The device supports a maximum of five Syslog servers. Reference screenshot: Thanks, I work in a group and some configurations got changed today, specifically "IPv4 SD-WAN policy route. cd /log. Connect your laptop to the serial console port of the appliance. Mar 24, 2018 · I can't remove the logs even after flush/purge the reports. Jun 12, 2021 · Use WinSCP to connect to Sophos Firewall to upload and download the files. Sign up for the Sophos Support Notification Service to receive proactive SMS alerts for Sophos products and Viewing logs older than a few days on XG 310. Set up an external syslog server and send the web filter logs to it. Access your Sophos Firewall CLI. By default, it shows firewall logs. Setup. Aug 11, 2017 · I submitted a support request and learned a few things. From there I assume you would filter by Log Type "WAF". Email logs. The reports you see on the web admin console are generated using the log files. Not to mention i'd have to copy/paste the data but I'm fine with that. Viewing the VPN logs from CLI. Scenario. It allows you to get, set, or remove the configuration using the API. db got corrupted. log file. Can i SSH into the XG230 and do a search to find the email in question? Feb 5, 2022 · Hi Brian Thill : As the TZ file is not there I am suspecting an appliance is affected with NC-80126 (Log viewer shows incorrect time zone), I would suggest opening a support case to validate the same and…. No success with /var/fwlog. I was confused by the plain "Cloudwatch" I was expecting "Cloudwatch Logs". : Advanced Shell: Go to /log/reverseproxy. Scheduled Sophos Community Maintenance on Saturday, June 8, from 08:00 to 11:00 UTC. anywhere in the xg to get more detailed pppoe logs similar to a debug to troubleshoot a connection problem with the isp? the web interface diagnostics >> log viewer >> pppoe is empty, not a lot of info from console> show pppoe connection status command or under /log. Open Command Prompt and go to the path where PSCP is located. 22 as a head office, therefore 2. I opened a ticket with Connectwise, and they said this is caused by the Gen 2 network probe and cannot be modified - and suggested I put in an enhancement request to have this behavior changed (or at least make it so that we can remove Jul 24, 2022 · Getting the logs. DrMeskon over 7 years ago. log and share the output. Sophos Firewall 18. Sophos Firewall: Log file details. However, in most cases, it can be recorded in a serial console. 22 uses Respond-Only gateway type. Trying to get O365 Cloud app security to inspect our Sophos logs. Sep 27, 2021 · Log for Sophos AP issues? Just had our [EDIT per rfcat_vk, who pointed out original "APX 30" is not a proper model] APX 320 crash. See full list on docs. When using manual firewall rules with logging turned on, this will be shown. x. Roboto over 4 years ago. tail -f awarrensmtp. I have searched the Net and the XG documentation all to no avail - this field is not defined anywhere I've looked. Aug 12, 2017 · Detailed Log Location? So far I've tried to establish 2 site-to-site IPSec tunnels and neither have been successful - both have been painful to be obvious. They say that they can read XG firewall logs but each time they are uploaded we get errors stating that they are in the incorrect format. The SDU is installed as part of the Sophos Endpoint Agent and can be found in the following location: 32-bit: C:\Program Files\Sophos\Sophos Diagnostic Utility\sdugui. 0 MR1 with EoL SFOS versions and UTM9 OS. I want to intercept all DNS queries and extract FQDN from them. exe; Running SDU from Sophos Central The SDU can run remotely from Sophos Central on a Windows or Mac Occasionally, a system crash or restart happens before Sophos Firewall can record it in the log files. Thanks! Aug 11, 2020 · Hello everybody, I need to evaluate the web filter logging. The issue just came back. Jul 14, 2017 · The best log server for Sophos XG? ShunzeLee over 6 years ago. log (if you are in MTA mode) Mar 22, 2019 · Alerts from my Sophos XG firewalls caused by my Connectwise Automate network probes scanning them on port 22. The Log viewer doesnt go back far enough to check the logs. Select 3. Sign up to the Sophos Support Notification Service to get the Mar 28, 2024 · Log file details. The logs file itself located at /log/reverseproxy. B731 over 7 years ago. log -f) - but there are no entries written during the download fails. I don't recall if it also logs the content type (mimetype) but that may be something else to search for. Invalid traffic logging is on by default for Sophos Firewall. Dec 11, 2021 · Sophos XG Search Engine Log. To send logs to a syslog server, click Add and specify the syslog server details. Advanced Shell. Nov 29, 2021 · In the example below, the time of the first log is 23:34:18. sub menu: 3. See Log viewer. db so logs are not generating under log viewer. Thanks, Apr 8, 2022 · I am trying to find any log information as a result of "The Sophos Anti Spam Engine has blocked this Email because the sender IP Address is blacklisted" pop-over message that I see in the GUI when I hover over a REJECTED status in the mail logs. Those should include the URL so any HTTP and decrypted HTTPS the full url including "swf". Feb 20, 2016 · Service Monitor logs from the “Logging -> View Log Files" menu or the command line (less /var/log/service_monitor. gz files. You can view and export a record of all activities that are monitored by Sophos Central using the Audit Log report. Select Device Management > Advanced Shell. tar -cvzf var/AllXGLogs. To add a syslog server and configure the syslog settings, do as follows: Go to System services > Log settings and click Add. Access your Sophos Firewall console. On Friday night we had an external email that has been sent to 2 users here. ^^ Aug 10, 2021 · Hello Christian, You can grep on the CSC. Open PuTTY and connect to the serial console port. Jan 23, 2019 · Office 365 Cloud App Security. WEBCONSOLE: Reports > Device reports settings > Manual purge > Purge All (Note: you can select time range to purge or you can purge all at once) 2. From documentation: The UTM checks the WAN links using ICMP messages. Select the modules for which logs are to be sent to the syslog server. Specify filters. Logmark table: Sophos Firewall (SF) can send and store detailed logs to an external Syslog server. COMMAND LINE INTERFACE - connect via serial cable to XG firewall device open putty and log in to the CLI > Select "5. You can no longer post new replies to this discussion. Flush Device Reports" and follow the I have query regarding for see the log for my uplink connections. HA load-balancing on/off: Run this command to turn on or off HA cluster load balancing. I have a user that forward me a questionable email to check. KB-000035758 Apr 20, 2023 1 people found this article helpful. To get the IP address from which you access the web admin console, do as follows: Go to Log viewer and select Admin from the May 15, 2024 · To view or change log settings, go to System services > Log settings. 1 and later Accept the Sophos End-User License Agreement (EULA) prompt. 21 uses Initiate gateway type and DefaultBranchOffice policy, while 2. exe; 64-bit: C:\Program Files (x86)\Sophos\Sophos Diagnostic Utility\sdugui. You can…. Verify that the tar. The entire "Local reporting" column is empty. Hi All i want to ask about log Comp = Appliance Access denied on log viewer, we currently having a Oct 8, 2020 · Im using xg home latest firmware. I'm unable to find any way to view the RED log files like we could in previous versions. Go to the log/ repository and get all the AllXGLogs. onward over 6 years ago. Although I am seeing the required logs when secure log Sep 6, 2017 · Gateway Logs in Report Section - Discussions - Sophos Firewall - Sophos Community. Note: The content of this article is available on Sophos Firewall: Log file details. To capture live logs: cd /log. 2 (IPsec/SSL VPN Client) You can actually see the live log under connection list or Live connections, but The format is not as friendly as Firewall log, but you might see the same type of Live log that you saw in UTM (Seperate Window Log) in XG aswell, I am not 100% sure but from what I heard the product management has been receiving tons of feedback to include this in XG. To check the status of Awarrensmtp service: Please refer to KB Sophos Firewall: Logfile guide for all the log files available on Sophos Firewall. One of our Internet leased line is flapping continuously since last 15-20 days. Power-over-Ethernet ports are built-in on 116, 126 (1 GE), and 136 (2. 0. Copy the root certificate, user certificate, and the key to the syslog server. log. The syslog format choosen in Sophos configuration should be Central Reporting Format. In the Source name override field, enter a new source name to override the default source value, if necessary. x' using ssh because of wrong credentials Release Notes & News Nov 23, 2023 · Hello Thanet Phanalikool , Thank you for reaching out to the community, you can check the logs from log viewer and from the drop down menu on the top right, you can select, "Web filter" OR "Application…. Jan 23, 2023 · Firewall log files. Solid red light. 1 user recieved the email, but the other didnt. Note: If no logs show, go to System services > Log settings and turn on logging for Advanced threat protection. Sophos Firewall: Find the log files. 4 MR4 as smtp mail gateway, it worked fine for about 1 month, and now its not showing any log in Email > Mail Log section but the email are going and entering normally. Sign up for the Sophos Support Notification Service to receive proactive SMS alerts for Sophos products Log viewer: Click on the top screen and change the field Firewall at the right with Web server protection. 2 MR-2-Build380) Log Viewer appears to be displaying time stamps in UTC. Open Advanced Options . Device Management" > Select "4. However, you won't be able to view the logs from CLI the way they're represented in the log viewer…. Disable HA: Locally-signed certificate generated on Sophos Firewall. May 14, 2021 · In the Port field, enter a port number on which you are forwarding the logs from Sophos XG Firewall device. 1 MR-1-Build326). You could also check the dgd logs on the firewall. But beside few firewall log, we can't see any other log. FormerMember over 3 years ago +2 verified. Run the following commands to save the archive to the var/ repository: cd /. To reduce the query response time, the Log Viewer only checks the time in the logs after retrieving a set To get started, create a support case below or call us. The SFP port on all models can be used for FTTH/FTTP or with the optional VDSL modem. You can select and deselect logs under Central reporting. This thread was automatically locked due to age. Device Management and press Enter. And time consuming. Hello, I am running XG FW firmware version 19. Has anyone else got this working ? Logging & Reporting -> Log Settings -> Cloudwatch, was not enabled at all. I want to collect logs using the elk stack. Its Monday morning now. To reset filter options, click Clear. See Sophos Status Page for the latest updates. Review the settings and click Submit. Dear All, I have configured DOS policy and I Dec 28, 2023 · How to get the SSL User Logs which will give the below information. These are denoted by rule numbers in the reserved range (60000). I have an Xg with the SFOS 18. Here are some related articles that will help provide more information: Sophos Firewall: How to schedule automatic purging of specific reports; Sophos XG Firewall: How to find Historical Reports; Regards, Sep 1, 2020 · Sophos Firewall Discussions Sophos XG - Logs sho the message= "User '-' failed to login from 'x. Do any of the following: Click Locate archive to find the zipped logs in an SDU folder %TEMP% and send it to Sophos Support. 21 will act as a branch office and 2. There are two gateways, a primary and backup. this is what i got from the smtpd_main. Related information Sign up for the Sophos Support Notification Service to receive proactive SMS alerts for Sophos products and Sophos Central services. XG software: SFVH (SFOS 17. Search for the event and make a note of the IP address of the affected device. 5 MR-5. That's disappointing. Is it possible to do that from GUI? . Note: All protection features are supported on every XGS 1xx model and most on XGS 87 and 87w. Jul 5, 2017 · changelog in Sophos XG Firewall. Damacy500 over 2 years ago. Nov 27, 2018 · I made a trace for the ips log (tail log/ips. One of our users is encountering an intermittent timeout on a specific website when performing a specific action. To use PSCP, do as follows: Download PuTTY. log | grep “ha:” cat /log/applog. Open WinSCP and enter the following details as per the snapshot below. This system follows all TCP sessions through Sophos Firewall (as well as some UDP and ICMP sessions). Similar to the Audit-LOg of the UTM. The logs we are looking for are in /log accessed via the SSH Shell for: 5. ChristineMeisinger over 7 years ago. Execute the following command in advance shell: 1. after re-keying Phase 2. In both the GUI and syslogs, FW log entires have a "policy_type" field. SDU 6. So it could be broadcast (traffic to the entire network) which hits the appliance as well and gets…. The Log Viewer would contain information but will last till the next reboot or till its memory cache is full. You can take the following actions: Customize the view by selecting different modules or switching between tabular and detailed views. With Barracuda I could find the email Mar 3, 2020 · System Services > Log settings. I know it can be logged from CLI something like "sudo tcpdump -vvv -s 0 -l -n port 53". Previously I was using Barracuda to scan/filter email but now am solely using the XG for scanning & protecting email. Enter the required details and click Send mail to Sophos. Note. Unfortunately the default log retention period for VPN, SSL VPN & Clientless access logs is 1 month. Mr. . Sophos XG Firewall: How to SSH to the firewall using PuTTY utility; Run the following command from the Advanced Shell: awk '/Dead/' dgd. Mar 11, 2022 · To send logs to Sophos Central, you must go to the Sophos Central page and turn on Sophos Central services. 5 GE) models to power your external devices. IT IT5 over 6 years ago. AD authentication is working but for some reason when I try to lookup employee Oct 11, 2012 · Extracting files. tar. Appliance Access in General is traffic going to the interface, which the appliance has no rule for it. Syslog support requires an external server running a Syslog daemon on any of the UDP Ports. I need get user usage log from before ; - Access logs - Website logs - Application logs My Nov 18, 2022 · Hi Vivek, thanks for your quick reply. Log Date, Log time, Connected time (in min or hours), IP Accessed (Each access wise) Its quite urgent , reply is very much appreciated. This can happen if garner gets restarted while in the middle of updating the tbllog data in the active. The active. I have been checking our firewall logs as well as our internal DNS logs but have yet to track it down. Hi Anthony Anderson , Thank you for reaching out to the Community! Try to check Admin logs from the Log Viewer. Dear All, I have configured DOS policy and I can see the packet dropped by the DDOS but where I can see the logs? I tried to find out in IPS, System, Firewall logs but no luck. Click SCP/Shell, and select /bin/sh instead of Default. 9 MR-9 - Is there a way to filter the log viewer by date/time range either in gui or cli or is this request still valid? https://ideas. In the Input Settings page, click New. log It will provide the input below, the bolded text tells you what IP shutted down the system…. They doesn't contain the wanted traffic. However, it says "All log files accessible via the Logging & Reporting section are uploaded to the Amazon CloudWatch service", so I guess this needs enabling. sophos Sophos Community Site Sophos Firewall v20: Configure Sophos Connect Client 2. Jul 20, 2022 · Connect by using a Secure Shell (SSH) such as PuTTY: Sophos Firewall: SSH to the firewall using PuTTY utility; Open the Console from Sophos Firewall's GUI by going to Admin > Console. Select Device Console and press Enter. On Sophos Firewall, add the syslog server. Regards, Aditya Patel. You can filter these by the action taken and scanning outcome. What I am trying to find out is, can the log tell me when a given IP was 'last seen' or would that be when an IP address no longer Apr 16, 2020 · We have Sophos 310XG firewalls install in active-active HA mode. Aug 11, 2020 · Web filtering logs are not in plain text by default; you have to put "awarrenhttp" service in debug first by running the following command from Advanced Shell: service awarrenhttp:debug -ds nosync To see web access logs after you put the service in debugging, check awarrenhttp_access. I am able to forward all logs to the OSSIM but there is one more logs that i can not send to the SIEM, yes it is ModSecurity related logs. Nov 16, 2019 · Thanks for the replies, I will check on that - for some reason notification of replies to email is not working. It will show up as the source IP address. IP address or domain name of the syslog server. pppoe logging. Select API configuration. There is another module "Sophos iView" available for logs and reporting but it is good for some critical organization or big data Center who need a lot of logs, reports, and backup of all those. -----Click Show More to view related links----- Feb 13, 2023 · Dear Team, I am facing an issue. May 29, 2023 · Go to Backup and firmware > API. Hi guys, There should be an audit log so you can see which Central-Admin changed something on which XG. Hello, I am trying to extract specific info from a DHCP syslog generated from an XGS3100, 1 log per day for 253 IP's for the last 50 days, masses of data. Power cycled it (unplugged cable, it's on PoE) and it went to an odd green blinking cadence (I think faster than normal), then red again, then seemed to reboot and is back in service now. You can only make changes from these sources. In the example below, the time of the first log is 23:34:18. Ruflex over 3 years ago. system ha load-balancing <on/off>. These logs are shown in the log viewer and are different from on-box reports. To use WinSCP, see WinSCP: Basic Tasks. log). log and similar logfiles in XG. Mark Moore1 over 7 years ago. This command is useful when HA is configured in Active-Active mode. LOG", this is a bit unproductive because it not parsed by module or features, (IPS log, Fw log, email log, VPN-SSL log, etc). Cannot see usernames in logs on XG. gz archive is present in the var/ repository by Yes, the real-time logs are captured in the awarrensmtp. How can I see the log of my uplink connections (down or up). Apr 13, 2023 · Open Log viewer and review the ATP logs. log for the following entry: # grep "shutdown_appliance" csc. log: Live log view: Run the command: tail -f /log/reverseproxy. " I would like to know what time/date these changes were made. Hi Community, I configured my xg firewall vm with version 18. And support team said as following, Oct 9, 2017 · How to check logs for older emails on XG230. 1. It will also show automatic drops by Sophos UTM, for example, if no rule matched. Device Management > 3. Select Advanced threat protection from the drop-down menu. Logs are sent to this server. At the moment I go to log viewer in the upper right corner of the web browser, scroll all the way down, which takes a lot of time, and then click the download button. Severity level : Information. Sophos XG firewall is offering on Device Reporting and logs, which is a good feature for all SMBs. XG Administrator activities log - Discussions - Sophos Firewall - Sophos Community. Syslog server settings: Protocol : TCP/UDP (tried both the protocols one by one) Port : 6514/514 (I tried both the ports one by one) Destination IP : Public IP. This discussion has been locked. Filter by module, field, value, time, or free text. sophos. SFVH (SFOS 18. When complaint logged with ISP, they are asking for flapping logs. In the configuration I have established that it shows me a year, but I cannot see it from the log section. The problem with the Central-Firewall Management is that the log of the FIrewall itself only shows the dummy-user of Central. 2. For Allowed IP address, enter your IP address. Invalid traffic events are shown in the log viewer. macstorm over 5 years ago. gz log/*. Jan 11, 2024. Advanced Shell and press Enter. When I downloaded and extract elk-agent on sophs and try to install the agent it Apr 4, 2022. See Application reports continue to generate even if firewall rule and application filter are turned off. All activities for the past 7 days are shown in the Audit Log by default. Learn more in the . XG115w_XN02_SFOS 17. Hi, I have Sophos XG Firewall 115/116, 125/126. Using the CLI, you can find the log files in the /log directory. I got an email when uplink connection is up or down (I have Configured) but I could not find the way in "View Log files" in my ASG 220 V9. Dear All, I have setup an iView for customer to see all kinds of logs from XG. In our example, 2. Here are some examples: Sophos Firewall uses a connection tracking system (conntrack). I doublechecked the RSA - it is correctly set on both sides - no mismatch. You can also decrypt anonymized information. Sep 2, 2022 · LuCar Toni over 2 years ago +1 suggested. The firewall log normally shows a rule number for each entry. Please help. On the Log settings page, the logs supported by central reporting are selected by default. To configure a remote syslog destination, please reference the SophosXG/SFOS Documentation. com Jun 30, 2023 · The log viewer opens in a new full-screen browser window. Add a syslog server and specify the settings. Showing XGS 116w Model. Global Escalation Support Engineer | Sophos Technical Support. You can access the CLI by going to admin > Console, in the upper right corner of the web Apr 15, 2021 · SOPHOS XG mail log not showing any entries. Show HA cluster details: The result of the command system ha show details. Important note about SSL VPN compatibility for 20. Basic filter. Mar 16, 2016 · NAT logs - Network Protection: Firewall, NAT, QoS, & IPS - UTM Firewall - Sophos Community. This video covers the new log viewer features and enhancements. How do we pull up this data? Jan 11, 2024 · Audit Logs. The configuration steps are as follows: Configure a locally-signed certificate on Sophos Firewall. I did multiple search and came up empty handled. KB-000038142 Mar 08, 2022 0 people found this article helpful. Click Exit. Apr 8, 2020 · Audit Log for Firewall configuration changes. How this cloud be possible that XG doesnt provide logs in such important things ? Im using it since 5 years and there wasnt any improvements in that section. If the gateway goes down due to the ISP/modem/cable/interface issue, it will be logged in the dgd logs. This is a normal behavior of Log Viewer. Jan 26, 2022 · Hey BlackSheepOne , As emmosophos confirmed based on the logs, it looks like DB corruption. It seems the active. May 29, 2017 · The XG does not store system-related information in Non-volatile memory. Further down the filtered logs, the last log shown has a time of 23:14:13, which is out of range of the initial 10-minute quick filter. log | grep “ha:” Thanks and Regards Hi Guys, I am new to Sophos XG Firewall and currently i am working to integrate Sophos XG with OSSIM for security event monitoring (SIEM). log Mar 11, 2022 · Mail logs (MTA mode) Mar 11, 2022. Using the log viewer I found under the authentication tab I could see a timestamp of when a user authenticated on the SSL VPN and also disconnected! This is fantastic and at least a start, but then the log viewer only went back for a day or two. Device Management. Mar 17, 2022 · Go to Firewall Management > Report Generator and you'll be able to choose your firewall and the report template "Log Viewer and Search". Deepak Verma over 6 years ago. 1. 6 MR-6. Viewing RED Log File. I recently changed every log type to log to "Central Reporting". We can view all the necessary logs under "Log Viewer," but it seems to only show entries from within the last few days. Roy Wheatley over 2 years ago. log (if you are in smtp proxy mode - i suspect, mine is empty) awarrenmta. It's best to contact support and support can help either with re-buidling the database OR you can re-image the…. I just double checked again - if I change short for testing the firewal rule under Advanced / User Applications / Intrusion Prevention from lantowan_general to none the download process is starting. To find the Audit Log reports, go to Reports > General logs > Audit Logs. All traffic passes through the primary appliance once it is turned off. Hi, I have XG Firewall SFOS 16. Select 5. To apply the selected filters, click Filter. To store logs locally, select logs under Local reporting. Hey there, I am currently struggling to extract all entrys from the Log Viewers Firewall Section. To get started, create a support case below or call us. Hello, We suddenly had a RED go offline last night. log: Nov 16, 2019 · XG210_WP03_SFOS 17. 5. Specify the settings. db. Copy the log file from your firewall to your device, in Windows for example, by running the following command: pscp -scp admin@<Sophos Firewall IP>:<Source> <Destination>. Oct 11, 2020 · Select UDP, enter the Syslog port number (port 514 by default), and optionally set the Sophos Firewall's IP address in the Only accept connection from the field and click Next. cat /log/msync. Start and end dates: Specify the time during which emails were processed. Click Next to continue to the Input Settings page. Please suggest how can I collect these logs of las say 10 days? I am getting continuous notification of the link status. UTM Firewall requires membership for participation - click to join. Enter a name. You can view all activities for up to 90 days. Not only the Default Gateway is checked, as a Traceroute is sent to the Root DNS Server. 5 profiles with different logs to send Jun 25, 2021 · FormerMember over 3 years ago +1 suggested. Sign in and select 5. As well, I see every reply says to check the CLI. Hello together, i have one question to XG Firewall: Does the firewall have a changelog like the Sophos UTM? At the moment i can not see who which user changes settings in the Firewall. AD authentication is working but for some reason when I try to lookup employee internet traffic logs don't show a username, only their IP address. Hello. I am unsure of the logging in this device. I need to check the access log by the ssl vpn, and it only shows me a week. Set the Source Type to XG_log and the Source Type Category to Custom then click Review. Sep 3, 2021 · Log retention. Thanks, Jun 28, 2021 · This logline explains that logs insert get failed. Why? it's possible to do it? By the way ATP logs are enable in the settings but don't appear in the logs even with I filter, do I have to enable the log in the LAN->WAN firewall rule? or for ATP is not needed? Jul 6, 2022 · DHCP Log of an XGS3100. May 25, 2022 · We have an XG 135 running SFOS 18. I have a newly installed XG firewall. Mail logs show the list of all emails. 0 GA) Question. Is there any way to get much more detailed logs with Oct 29, 2021 · In UTM these logs are called packetfilter. awarrensmtp. I checked under Reports > Reports Settins > Data Management to ensure we have logs saved for months. Hello, I have a problem with the Sophos XG (SFOS 18. xyjbcfzpunhwzyimdrwh