Skip to content

Web Appliance

Key facts

  • Community requested filter
  • Default port 514
Ref Link
Splunk Add-on https://splunkbase.splunk.com/app/6187/
Product Manual unknown

Sourcetypes

sourcetype notes
sophos:xg:atp None
sophos:xg:anti_spam None
sophos:xg:anti_virus None
sophos:xg:content_filtering None
sophos:xg:event None
sophos:xg:firewall None
sophos:xg:ssl None
sophos:xg:sandbox None
sophos:xg:system_health None
sophos:xg:heartbeat None
sophos:xg:waf None
sophos:xg:wireless_protection None
sophos:xg:idp None

Sourcetype and Index Configuration

key sourcetype index notes
sophos_xg_atp sophos:xg:atp netdlp none
sophos_xg_anti_spam sophos:xg:anti_spam netdlp none
sophos_xg_anti_virus sophos:xg:anti_virus netdlp none
sophos_xg_content_filtering sophos:xg:content_filtering netdlp none
sophos_xg_event sophos:xg:event netdlp none
sophos_xg_firewall sophos:xg:firewall netdlp none
sophos_xg_ssl sophos:xg:ssl netdlp none
sophos_xg_sandbox sophos:xg:sandbox netdlp none
sophos_xg_system_health sophos:xg:system_health netdlp none
sophos_xg_heartbeat sophos:xg:heartbeat netdlp none
sophos_xg_waf sophos:xg:waf netdlp none
sophos_xg_wireless_protection sophos:xg:wireless_protection netdlp none
sophos_xg_idp sophos:xg:idp netdlp none