Sophos Firewall

Discussions Search log by time

Sophos Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 4 replies
Subscribers 27 subscribers
Views 1623 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Search log by time

Gib GoDesk over 5 years ago

Hello people.

I have a doubt. can you help me?

I noticed last night that I had a high internet traffic coming out of my network. It's okay, I know this volume was from backup services.

What I want to know is how do you see this traffic consumption in the Sophos XG logs, did I find out what happened and whose?

Also can not see logs set by time, only by day. Is it possible to determine time in the traffic report?

This thread was automatically locked due to age.

Parents

0 FormerMember over 5 years ago

Hi Gib GoDesk,

Unfortunately, log viewer does not give you an option to filter the logs with time stamp, but you might find the information you are looking for in reports.

I would suggest you to check out reports guide for XG firewall : https://docs.sophos.com/nsg/sophos-firewall/v17.1.0/PDF/Sophos%20XG%20Firewall%20Reports%20Guide.pdf

Thanks,
Cancel
Vote Up 0 Vote Down

Cancel
0 lferrara over 5 years ago in reply to FormerMember

this is what the community is complaining about logs and reporting. If you want to know whichi applications, ports and so on were responsible to consume a specific WAN port, you need to run different reports from Applications & web while a drill-down from the NIC should be available and simple to reach.

UTM has ABSOLUTELY A BETTER REPORTING AREA AND FEATURE. Please investigate and copy reporting from UTM9. Do not suggest to buy Central or other reporting tool. We need useful reports on the box itself.

Built-in reporting was one of the main reason to choose UTM vs other vendors.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 lferrara over 5 years ago in reply to FormerMember

this is what the community is complaining about logs and reporting. If you want to know whichi applications, ports and so on were responsible to consume a specific WAN port, you need to run different reports from Applications & web while a drill-down from the NIC should be available and simple to reach.

UTM has ABSOLUTELY A BETTER REPORTING AREA AND FEATURE. Please investigate and copy reporting from UTM9. Do not suggest to buy Central or other reporting tool. We need useful reports on the box itself.

Built-in reporting was one of the main reason to choose UTM vs other vendors.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 FloSupport over 5 years ago in reply to lferrara

Hi

Thank you for sharing your feedback and for your continued participation in the SFOS v18 EAP.

The XG Firewall Product Management team is aware that logging and reporting is lacking in certain areas, and are working to improve these features for upcoming SFOS releases.

For other Community members reading this, I would strongly advise to leave your feedback and suggestions on the SFOS v18 EAP "Feedback & Issues" forum.

Regards,
Cancel
Vote Up 0 Vote Down

Cancel