I would like to ask if anyone successfully get logs from Sophos XG210. What's the Data Source Model and Data Format should be?
Now logs come into SIEM but as "Unknown" log.
Go to Solution.
I got adviced that you can use Cyberoam UTM and NGFW instead of Sophos/UTM & Next-Gen Firewall for XG210. I tested Cyberoam UTM can be recognized by SIEM, to be a temp solution.
Hope that help if you have same issue.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center