Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 472 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP Syslog messages on Sophos Firewall

Sophos User622

Hi all,

I have DHCP server configured on Firewall and I would like to collect DHCP syslog messages in order to detect when some IP has been assigned to some host. However, in System services/Log Settings there is no DHCP options but rather some categories like Firewall,IPS, Antivirus, Content Filtering, Events etc.

Do DHCP syslog messages belongs to some of those categories? Where can I found and configure them?

Thank you in advance,

Nikola



This thread was automatically locked due to age.
Parents
  • 0

    Hello there,

    Thank you for contacting the Sophos Community.

    There is no a Syslog for DHCP server, but the log, where you can find info would be the csc.log and the applog.log also you can find this info on the Live Log viewer under system

    The applog would show l2dhcp_commit : x.x.x.x, mac, 0, Port number

    the csc.log would show [dhcpd_events:5040]: {"dhcpd_events":{"method":"nservice","name":"dhcpd_events:l2dhcp_commit","version":"1.2","type":"json","length":255,"data":{ "ipaddress":"xxx.xxx.xxx.xxx","mac":"xx:xx:xx:xx:03:95","loginfo":"xxx.xxx.xxx.xxx Mon 06 Jun 12:46:24 2022 Tue 07 Jun 12:46:24 2022 24:0a:64:03:03:95 hostname "interfacename":"Port8","leasetime":"86400","clienthost":"hostname","ipfamily":"0" }}}

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Reply
  • 0

    Hello there,

    Thank you for contacting the Sophos Community.

    There is no a Syslog for DHCP server, but the log, where you can find info would be the csc.log and the applog.log also you can find this info on the Live Log viewer under system

    The applog would show l2dhcp_commit : x.x.x.x, mac, 0, Port number

    the csc.log would show [dhcpd_events:5040]: {"dhcpd_events":{"method":"nservice","name":"dhcpd_events:l2dhcp_commit","version":"1.2","type":"json","length":255,"data":{ "ipaddress":"xxx.xxx.xxx.xxx","mac":"xx:xx:xx:xx:03:95","loginfo":"xxx.xxx.xxx.xxx Mon 06 Jun 12:46:24 2022 Tue 07 Jun 12:46:24 2022 24:0a:64:03:03:95 hostname "interfacename":"Port8","leasetime":"86400","clienthost":"hostname","ipfamily":"0" }}}

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?