Please does any have the documentation for injecting Sophos Firewall logs to Solarwinds SEM?
I have also tried to inject Cisco Switches and Routers to the SEM but it didn't work.
When I used the flash interface for a Cisco Firewall sometime ago, it worked perfectly ok as I used the automated way. but the HTML interface doesn't have such feature, hence the difficulty in getting logs into the SEM using connectors.
Is anyone having same issue?
Did you figure this out? I've been sending my Sophos XG logs to SEM for some time. I actually get a nightly report for VPN logons that I clean up with a macro in Excel to give to management.
The log file on the SEM side I'm using is: /var/log/local0.log
On the Sophos XG under log settings I've added the IP address of our SEM server using port 514 and Facility LOCAL0. I then have checked all the logs I want sent over.
I'm not sure what else you may need it was some time ago I set it up, but hopefully this helps you out if you haven't already got this working since your post is from 2 months ago.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.