EventLog Analyzer supports Sophos Firewall and provides out-of-the-box reports for the following categories of events:
- Sophos Events: Provides information on all the events associated with Sophos devices.
- Firewall Allowed and Denied Traffic: Provides insights on traffic based on source, destination, protocol and port, and also generates a report on traffic trends.
- Firewall Website Traffic: Provides traffic reports based on source, destination, and website traffic trend.
- Successful and Failed Logons: Provides source and user based reports, trend reports.
- Firewall Accounts Management: Provides reports on administrator added, deleted or modified.
- Firewall Policy Management: Provides information on policies added, deleted, or modified.
- Firewall IDS/IPS Events: Provides insights on attacks based on source and destination IP address, also provides a report on attack trends.
- System Events: Provides reports on configuration changes, clock update, system status, start and stop of services, features and license status.
- Failed VPN Logon Reports: Monitors the VPN activities from Sophos logs and offers out-of-the-box reports for failed VPN logons.
- Device Severity Reports: Provides reports on emergency, alerts, critical, error, warning, and notice events.
Sophos Reports Dashboard
- Go to the Reports section. Select Sophos from the displayed list of vendors.
- In the left pane, all the available out-of-the-box reports for Sophos will be listed. Select the report you want to view.
- To generate reports for a specific Sophos device, click Select Device drop down list on the right pane and choose the needed Sophos devices. Click Add.
- You can further generate reports based on Source, Severity and Device. Use logical operators as required.
- If you want to generate the reports for a specific time period, select the Period calendar option from the top right corner, specify the time period and then click Apply.
- To export a report, click Export as and choose the format. The solution allows you to export the reports in PDF and CSV formats.
- To generate and redistribute the reports over email at periodic time intervals, you can use the Schedule Reports option.
- The More link at the top right corner provides you the below customization options:
- Set as Default: Allows you to set the selected report as the default report.
- Add to Favorites: Marks the selected report as favorite.
- Pin to dashboard: Pins the selected report to the dashboard in the Home page.