Short info:
everyone who uses Sophos XG and an ELK Stack
now has the option of transferring syslog data directly to the ELK Stack via the Filebeat sophos module, see here:
https://www.elastic.co/guide/en/beats/filebeat/master//filebeat-module-sophos.html
To avoid misunderstandings:
I am not promoting the ELK Stack itself and am not a contributor to them, but I am the creator of the module :)
Best regards
StefanS