RSA Admin

Collecting Sophos firewall logs

Discussion created by RSA Admin Employee on Nov 2, 2012

We have a Sophos Enterprise Console that we are collecting antivirus logs from. More of our users are starting to use the firewall functionality of the Sophos product, but it doesn't appear that's a supported event source.

 

Does anyone have a solution for collecting this data that doesn't involve me using ESI to build a new set of rules?

Outcomes