Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 795 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall logs

Paul Simcox

Hello,

I'm having difficulty trying to understand how you obtain detailed firewall logs. I've read many articles and even contacted support and it appears what I'm asking for is impossible which I find difficult to believe.

So my situation.

We believe we had a breach a few days back and wanted to view the firewall logs in order to see traffic coming into the Sophos XG and where it came from and to which internal system. Pretty straightforward I assumed. We have the option ticked for Log Firewall Traffic but unable to find where this log data is stored.  The logs within /log do not hold the information according to Sophos Support and suggested I use the Gui Log Viewer. When I go there I see entries but when I click export it only gives me 5 mins of data even though I set the filter to all time.

I'm obviously missing something.  I can't believe a security appliance like the XG doesnt have this readily available.

Any and all help appreciated.



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to Paul Simcox

    Hi

    while waiting for a detailed answer why not try the CM/CFR free version that will give you visibility for 7 days of data. The information is more detailed than XG reports and there is still plenty of room for Sophos to improve this with feedback from real users.

    Ian

Children