
How to send all log entries to me via email

I recently migrated from SonicWall to Sophos XG, and we are required to keep records of all Firewall logs. My old SonicWall would email me several times a day, whenever the logs got full, and I could keep the emails in perpetuity to scan through as needed. How do I get my new Sophos to do the same? I want a simple, line-by-line list of all activity, including every single network attempt, success and failure that it sees, emailed to me so I can keep it forever if I want to. I don't need a pretty HTML report, with graphs and analysis, just the list of activity. The email setup is already working, but I can't figure out how to get it to send me all log entries.



  • Here is my setup

    and go to Schedule

    or use iView

    If you don't need HTML, send the log to syslog and send it from the syslog server to your email (Splunk, Kiwi-Syslog or Syslog-NG etc.)

    Just go to System Service | Log Setting

    Hope this helps
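The syslog route in the reply above does not need a full syslog product. The sketch below is an added example, not code from the thread or from Sophos: a small UDP listener that buffers the raw lines and emails them as a text attachment each time the buffer fills. The firewall address, mail addresses, SMTP relay and size threshold are assumptions to replace with your own.

```python
import smtplib
import socket
from email.message import EmailMessage

FIREWALL_IP = "192.0.2.1"  # assumption: the firewall's LAN address
MAIL_FROM, MAIL_TO = "fw-logs@example.com", "admin@example.com"  # assumptions
SMTP_HOST = "localhost"    # assumption: a local mail relay
MAX_BYTES = 200_000        # assumed "log full" threshold per email


def smtp_send(msg):
    with smtplib.SMTP(SMTP_HOST) as smtp:
        smtp.send_message(msg)


class LogBatcher:
    """Buffers syslog lines and emails them as one attachment when full."""

    def __init__(self, max_bytes=MAX_BYTES, send=smtp_send):
        self.max_bytes, self.send = max_bytes, send
        self.lines, self.size, self.batch_no = [], 0, 0

    def add(self, datagram, source_ip):
        # UDP syslog is unauthenticated: ignore senders other than the firewall.
        if source_ip != FIREWALL_IP:
            return None
        # Collapse embedded line breaks so one datagram is exactly one
        # archive line and cannot forge extra entries.
        text = datagram.decode("utf-8", "replace")
        line = " ".join(text.splitlines()).strip()
        self.lines.append(line)
        self.size += len(line) + 1
        return self.flush() if self.size >= self.max_bytes else None

    def flush(self):
        if not self.lines:
            return None
        self.batch_no += 1
        msg = EmailMessage()
        msg["From"], msg["To"] = MAIL_FROM, MAIL_TO
        msg["Subject"] = f"Firewall log batch {self.batch_no} ({len(self.lines)} lines)"
        msg.set_content("Raw firewall log lines attached.")
        msg.add_attachment("\n".join(self.lines) + "\n", filename=f"fw-{self.batch_no}.log")
        self.lines, self.size = [], 0
        self.send(msg)
        return msg


if __name__ == "__main__":
    batcher = LogBatcher()
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("0.0.0.0", 514))  # binding port 514 usually needs root
    while True:
        data, (ip, _port) = sock.recvfrom(8192)
        batcher.add(data, ip)
```

Lines still in the buffer are lost if the process stops, so call `flush()` on shutdown or on a timer if the archive must be complete.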

  • Thanks for the reply, but that really doesn't help. That report is simply a record of my users' web surfing history, and does not show any other detail. I want a text list of every single thing that the firewall sees, both incoming and outgoing, in chronological order, sent in a file via email. I don't have a syslog server, and I shouldn't need to set up a whole server just to do something that my old firewall had been doing just fine for years.

  • Basically what you are asking for is an email message containing every packet the XG passes or blocks? You must have some very large files?

    Ian

  • Well, I still have one SonicWall TZ300 running for one branch office, and it sent me a total of 6 emails since midnight last night. It's just a list of traffic attempts (source, destination and type) and what was done with the traffic (allow/deny). Nothing fancy. I figured that all firewalls would have the ability to do that.

  • Hi Marshall,

    I have been generating some reports that I thought might do the trick, but alas total failure.

    I use clientless access to manage my network devices' access to the internet and thought the clientless access report would do the trick, but it is empty.

    As far as I can see, you can generate reports that show device (client) data throughput, applications used and web sites accessed, but you cannot marry the groups into one report.

    You could create a feature request in that forum and post the link back here asking for support.

    I did find a reporting bug which was supposed to have been fixed, in that reports are created by a GMT schedule not the current local time on the XG.

     

    Ian