Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 26 subscribers
  • Views 3464 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to disable logging for a full domain

FrankBarmentlo

Hello,

 

I have a sophos set up at home,

It serves as webfilter for my outgoing traffic, and as WAF for my inbound Web applications at my own domain.

Configured Web Proxy rule:

Apply "DefaultV2" app filter, "Internal - General" web filter, IPS, for "DefaultInternal" group, when in "LAN" zone, and coming from "Internal - HTTPS Hosts" network, scan for malware

Source & Schedule
LAN
Source Networks and Devices : Internal - HTTPS Hosts
During Scheduled Time : All the Time

Destination & Services
Any
Destination Networks : Any
Services : HTTP,HTTPS,HTTPS - 2

Identity
DefaultInternal

 

How can I avoid the WebFilter to log outbound traffic to my own domain? My WAF is configured  to log all inbound traffic, and I don't need logs of how I visit for example graylog(which has the awesome feature to refresh itself through the WAF... every page I open means at least 2 log entries to itself).

Kind regards,



This thread was automatically locked due to age.
  • 0

    Frank,

    sorry but your question is not clear. The Web proxy rule you posted is used to filter and allow traffic from LAN (internal HTTPS hosts) to External (any) and log is not enabled then you mentioned WAF.

    Please give us more details.

    Regards

  • 0 in reply to lferrara

    I am on the internal network, using a website that is also hosted on my internal network.

    I access it via my external IP, so I thought it triggered both the WAF and Webfilter and caused lots of messages that I do not need (Internal network visiting my own domain).

     

    I made a configuration mistake while testing graylog, the issue is cleared & resolved.

  • +1 in reply to FrankBarmentlo

    Frank,

    now it is clear. You can create 2 different BAR, one at the top "coming from WAN....." where you enable Logging; a second BAR "coming from internal or any (If I am remember correctly if you put internal, the rule will not work), and keep the logging disabled.

    Regards,