Sophos Firewall Data
App Installation
| App | Search Head | Indexer | Heavy Forwarder | UF / Deployment Server | Additional Details |
|---|---|---|---|---|---|
| Sophos Next-Gen Firewall | Required | - | Required | - | Installation Guide |
| Sophos Central | Required | - | Required | - | Installation and Configuration Guide (only required for sophos_events) |
Important sourcetypes to be collected
- sophos:xg:firewall
- sophos:xg:heartbeat
- sophos:xg:system_health
- sophos:xg:atp
- sophos:xg:idp
- sophos:xg:event
- sophos_events
Note: Create an index named sophos_firewall, or update the cs_sophos_firewall macro definition from the Cyences app configuration page (Cyences Settings > Cyences App Configuration > Products Setup).
Estimated Data Size
TODO