Enterprise Console and Solarwinds SEM

Hi

We have a SEC installed on a server. We want to export logs of all threats and alerts from SEC to an outside log manager (SEM). We have no problem getting logs from an individual agent. What we want are the logs from the console. We used SNMP but still no luck. We used Sophos Reporting Log Writer (first time using it) but we don't know how to import the logs to SEM.



  • Hello Matthew Cabana,

    this might be the "wrong end" (i.e. Sophos vs. Solarwinds) for this question - but I might misunderstand it. 

    "we don't know how to import the logs to SEM"

    From a quick glance at Solarwinds' website it seems that you have to use the applicable connector provided by SEM to import a product's data. I see Sophos Enterprise 2.0 Database and Sophos Enterprise 3.0 Database though, naturally, I can't say what the 2.0/3.0 signifies - likely not SEC's Database version. What the connector does or is supposed to do only Solarwinds can tell. The Sophos Log Writer outputs certain data in a CSV format; again, it's only Solarwinds who can tell if and how they could deal with CSVs.
    What data are you interested in? If you already monitor the endpoints with an agent the Alerts and Events data would be redundant.

    Christian   
