Please does any have the documentation for injecting Sophos Firewall logs to Solarwinds SEM?
Did you figure this out? I've been sending my Sophos XG logs to SEM for some time. I actually get a nightly report for VPN logons that I clean up with a macro in Excel to give to management.
The log file on the SEM side I'm using is: /var/log/local0.log
On the Sophos XG under log settings I've added the IP address of our SEM server using port 514 and Facility LOCAL0. I then have checked all the logs I want sent over.
I'm not sure what else you may need it was some time ago I set it up, but hopefully this helps you out if you haven't already got this working since your post is from 2 months ago.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.