
XG DNS Logging and offload to SIEM

I've successfully configured our XG Firewalls to push logs to our SIEM solution which works well, though when trying to trace source of DNS requests I can't find anything logged either locally on the XG, or anything on the SIEM other than a UDP port 53 request which doesn't help in determining the source as it doesn't include DNS name of the request, just source/destination IPs.

Is there any way I can enable DNS logging on the XGs and have DNS logs pushed to our SIEM solution?



This thread was automatically locked due to age.
  • Hello there, 

    Good day and thank you for reaching out to Sophos Community 

    May we ask if you are still facing this concern?

    Are you looking for log lines from User DNS logs resolving, or logs from Firewall DNS resolving/querying from its designated DNS server?

    Many thanks for your time and patience and thank you for choosing Sophos

    Cheers,

  • Hi Raphael,

    Thanks for the reply!

    This is still an issue for us, it's Logs from the Firewall DNS resolving/querying that we're having problems with - this doesn't seem to be covered by any of the options in the log forwarding on the XG.

    Regards

  • Hello there, 

    It seems this feature is currently unavailable on SF. 

    This would be a Feature Request, I may recommend you to reach out to your Account Manager, Sales Engineer or Sales Representative so that they can enter this request into our system. 

    Additionally, you can use the in-product feedback in the Sophos Firewall located in the Top Menu Bar.

    Thanks for your time and patience and thank you for choosing Sophos.

    Cheers,