Hello everyone,
I need some help about the send the firewall logs to a syslog server. Currently noted that the logs sended by Sophos XG on the syslog are stored in a single file named "SFW.LOG", this is a bit unproductive because it not parsed by module or features, (IPS log, Fw log, email log, VPN-SSL log, etc).
I configured some profiles to send the logs to the syslog server from sophos. 5 profiles with different logs to send, but it not works and it's stored in a single file as mentioned:
I've disabled the options because when it's enabled the single log file increase too much (in 10 min log increase about 3 GB.... )
Any ideas how can resolve this?.....
Best regards!
This thread was automatically locked due to age.
