Intergrating Sophos Firewall to Solarwinds SEM


Please does any have the documentation for injecting Sophos Firewall logs to Solarwinds SEM? 

  • I have also tried to inject Cisco Switches and Routers to the SEM but it didn't work. 

    When I used the flash interface for a Cisco Firewall sometime ago, it worked perfectly ok as I used the automated way. but the HTML interface doesn't have such feature, hence the difficulty in getting logs into the SEM using connectors. 

    Is anyone having same issue? 

  • Do you know what version of the SEM you are using?

    We didn't introduce the ability to manage SEM connectors via the HTML5 interface until at least version 6.5. You should really consider upgrading to SEM 2020.4 if you're using a version older then that.

  • This is our issue as well.  Just in a trial but this is going to be a dealbreaker if this is not possible

  • Did you figure this out?  I've been sending my Sophos XG logs to SEM for some time.  I actually get a nightly report for VPN logons that I clean up with a macro in Excel to give to management.

    The log file on the SEM side I'm using is: /var/log/local0.log

    On the Sophos XG under log settings I've added the IP address of our SEM server using port 514 and Facility LOCAL0.  I then have checked all the logs I want sent over.

    I'm not sure what else you may need it was some time ago I set it up, but hopefully this helps you out if you haven't already got this working since your post is from 2 months ago.

  • I am still unable to get the firewall to show as a non-agent node. I have tried local0 as well as local1 and nothing is working. Not sure what else I can do at this point. 

  • Here's what my XG Log settings look like:

    HHere's what I have on the SEM/LEM side: