We did this to only capture packets to and from that device. Previously we specified the IP address of the Fastvue server as a capture filter. Click the toggle switch to start the packet capture.Īfter a few second click Refresh to see if any results are shown. If a number of packets have been collected you can toggle the switch to stop the capture.įiltering the Sophos XG Packet Capture Results.For the BPF string, specify " host" followed by the IP address of your Fastvue Sophos Reporter server. Click Save.Wrap Capture Buffer Once Full allows refreshing the buffer with new information, purging the older information.Set the Number Of Bytes To Capture (Per Packet) to 1024.Click the Configure button to limit which packets to capture.Go to Monitor & Analyze | Diagnostics | Packet Capture.This is a handy troubleshooting step if you're not seeing any data flowing into Fastvue Sophos Reporter (for other troubleshooting steps, please see our support article).
#Sophos xg unreplied how to#
In this example, I will show you how to determine if Sophos XG is sending syslog messages to Fastvue Sophos Reporter.
Let's have a look at how to enable Sophos XG packet capture. Unlike firewall logs that can be turned off or configured to exclude logging of some traffic, a packet capture literally shows you every packet that the firewall has to process. This is a great tool to determine what is actually happening "on the wire". Sophos XG has the ability to capture and display actual network packet information right from the management web interface.
0 kommentar(er)
