Click here to expand

    Configuring the Syslog Service on Sophos devices

    To configure the Syslog service in your Sophos devices, follow the steps below:

    Enabling Sophos-UTM Syslog:

    1. Login to Sophos UTM as administrator.
    2. Navigate to Logging & Reporting > Log Settings >Remote Syslog Server
    3. Enable Syslog Server Status
    4. Configure the syslog server by filling the following details

      Name: < Any >
      Server: < EventLog Analyzer server IP Address >
      Port: < 513 >

    5. Navigate to Remote Syslog > select the logs that has to be sent to the EventLog Analyzer server.
    6. Click on Apply

    Enabling Sophos-XG Syslog:

    1. Login to Sophos-XG as administrator.
    2. Navigate to System > System Services > Log Settings > Syslog Servers > Add
    3. Configure the syslog server by filling the following details

      Name: < Any >
      Server: < EventLog Analyzer server IP Address >
      Port: < 513 >
      Facility: < DAEMON >
      Severity: < INFORMATION >
      Format: < Standard Format >

    4. Click on Save
    5. Navigate to System > System Services > Log Settings> select the logs that has to be sent to the EventLog Analyzer Server.

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding

       
    Get download link