Intergrating Sophos Firewall to Solarwinds SEM


Please does any have the documentation for injecting Sophos Firewall logs to Solarwinds SEM? 

  • Did you figure this out?  I've been sending my Sophos XG logs to SEM for some time.  I actually get a nightly report for VPN logons that I clean up with a macro in Excel to give to management.

    The log file on the SEM side I'm using is: /var/log/local0.log

    On the Sophos XG under log settings I've added the IP address of our SEM server using port 514 and Facility LOCAL0.  I then have checked all the logs I want sent over.

    I'm not sure what else you may need it was some time ago I set it up, but hopefully this helps you out if you haven't already got this working since your post is from 2 months ago.

  • I am still unable to get the firewall to show as a non-agent node. I have tried local0 as well as local1 and nothing is working. Not sure what else I can do at this point. 

  • Here's what my XG Log settings look like:

    HHere's what I have on the SEM/LEM side:

Reply Children
No Data