Hello,
I'm having difficulty trying to understand how you obtain detailed firewall logs. I've read many articles and even contacted support and it appears what I'm asking for is impossible which I find difficult to believe.
So my situation.
We believe we had a breach a few days back and wanted to view the firewall logs in order to see traffic coming into the Sophos XG and where it came from and to which internal system. Pretty straightforward I assumed. We have the option ticked for Log Firewall Traffic but unable to find where this log data is stored. The logs within /log do not hold the information according to Sophos Support and suggested I use the Gui Log Viewer. When I go there I see entries but when I click export it only gives me 5 mins of data even though I set the filter to all time.
I'm obviously missing something. I can't believe a security appliance like the XG doesnt have this readily available.
Any and all help appreciated.
This thread was automatically locked due to age.
