I would like to ask if anyone successfully get logs from Sophos XG210. What's the Data Source Model and Data Format should be?
Now logs come into SIEM but as "Unknown" log.
Go to Solution.
I got adviced that you can use Cyberoam UTM and NGFW instead of Sophos/UTM & Next-Gen Firewall for XG210. I tested Cyberoam UTM can be recognized by SIEM, to be a temp solution.
Hope that help if you have same issue.