Sophos XG Firewall LogsUpdated Aug 31, 2023
You can configure your Sophos XG Firewall® to send the necessary logs to Arctic Wolf for monitoring security information.
- Activated Arctic Wolf Sensor
Sign in to the Sophos Central console.
Click System services > Log settings.
Configure these settings:
Note: Do not use secure log transmission because it renders the syslog data unusable to Arctic Wolf.
- Name — Enter a name for the syslog server.
- IP address / Domain — Enter the IP address of your Arctic Wolf sensor.
- Secure log transmission — Clear the checkbox.
- Port — Enter
- Facility — Use the default option.
- Severity level — Select Informational from the list.
- Format — Select Central Reporting Format from the list.
Contact your Concierge Security® Team to inform them that you have configured syslog forwarding, and to validate that the logs are being ingested appropriately. Include the following information:
- Confirmation that you have completed the steps in this configuration guide.
- The IP address you used during the configuration.
- Any other questions or comments that you have.