Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 8 subscribers
  • Views 12479 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forwarding syslog content from Sophos Central Cloud

Matthew Titcombe

Sorry, this may be a newbie Sophos question.  Is there a syslog function for our Rapid7 syslog collector to pull logs from the Sophos Central cloud instance?

Thanks,

Matt



This thread was automatically locked due to age.
Parents
  • 0

    Hi Matthew Titcombe,

    Sophos Central has secured APIs for SIEM integration and other purposes. These allow the retrieval of event and alert data for use in other systems.

    If you wish to write your own integration for SIEM or other purposes, we have documentation on the APIs and you may find our existing SIEM integration script a useful starting point.

    You can download Swagger documentation on the API here. Also check Sophos Central: FAQ on SIEM for more details.

    NOTE: Sophos Support is available only for the APIs and our unmodified script. We cannot provide advice and troubleshooting for customer-created integrations. Your Sophos partner may provide such services, and arrange to involve Sophos’ own Professional Services team if you need assistance beyond Sophos Support’s remit

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Reply
  • 0

    Hi Matthew Titcombe,

    Sophos Central has secured APIs for SIEM integration and other purposes. These allow the retrieval of event and alert data for use in other systems.

    If you wish to write your own integration for SIEM or other purposes, we have documentation on the APIs and you may find our existing SIEM integration script a useful starting point.

    You can download Swagger documentation on the API here. Also check Sophos Central: FAQ on SIEM for more details.

    NOTE: Sophos Support is available only for the APIs and our unmodified script. We cannot provide advice and troubleshooting for customer-created integrations. Your Sophos partner may provide such services, and arrange to involve Sophos’ own Professional Services team if you need assistance beyond Sophos Support’s remit

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Children
No Data
Unfiltered HTML