{"id":3147,"date":"2021-05-17T07:31:42","date_gmt":"2021-05-17T05:31:42","guid":{"rendered":"https:\/\/partnernews.sophos.com\/en-us\/?p=3147"},"modified":"2021-09-21T16:28:34","modified_gmt":"2021-09-21T14:28:34","slug":"splunk-integration-for-sophos-firewall","status":"publish","type":"post","link":"https:\/\/partnernews.sophos.com\/en-us\/2021\/05\/products\/splunk-integration-for-sophos-firewall\/","title":{"rendered":"Splunk Integration for Sophos Firewall"},"content":{"rendered":"<p>As you probably know, Splunk is a world leader in data management and Security Information and Event Management (SIEM) and provides a perfect complement to <a href=\"https:\/\/www.sophos.com\/en-us\/products\/next-gen-firewall.aspx\">Sophos Firewall<\/a> and <a href=\"https:\/\/www.sophos.com\/en-us\/products\/next-gen-firewall\/ecosystem-central.aspx\">Sophos Central<\/a> for on-premise firewall log storage and analysis.<\/p>\n<p>The Splunk integration with Sophos Firewall includes two Splunk applications:<\/p>\n<ul>\n<li><strong>Sophos Firewall Technology Add-on<\/strong> (TA) for Splunk that parses the data collected from Sophos Firewall.<\/li>\n<li><strong>Sophos App for Splunk<\/strong> that provides a series of pre-packaged dashboards for visualizing data from your Sophos Firewall in Splunk.<\/li>\n<\/ul>\n<p>Here are a couple of examples of what you can see in Splunk with the app:<\/p>\n<figure id=\"attachment_3148\" aria-describedby=\"caption-attachment-3148\" style=\"width: 640px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-3148 size-full\" src=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image001.png\" alt=\"\" width=\"640\" height=\"535\" srcset=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image001.png 1430w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image001.png?resize=300,251 300w, 
https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image001.png?resize=768,642 768w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image001.png?resize=1024,856 1024w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><figcaption id=\"caption-attachment-3148\" class=\"wp-caption-text\"><em>Firewall top 10 applications<\/em><\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<figure id=\"attachment_3149\" aria-describedby=\"caption-attachment-3149\" style=\"width: 640px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-3149 size-full\" src=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image003.png\" alt=\"\" width=\"640\" height=\"305\" srcset=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image003.png 1431w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image003.png?resize=300,143 300w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image003.png?resize=768,367 768w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/05\/image003.png?resize=1024,489 1024w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><figcaption id=\"caption-attachment-3149\" class=\"wp-caption-text\"><em>Threats blocked over time by source (ATP, AV, Sandboxing, WAF)<\/em><\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<p>There are dashboard widgets for:<\/p>\n<ul>\n<li>Threats<\/li>\n<li>Firewall usage and activity<\/li>\n<li>Web traffic, bandwidth and activity<\/li>\n<li>Top applications and clients<\/li>\n<li>Traffic types and TLS encryption<\/li>\n<li>Users and connections<\/li>\n<li>VPN<\/li>\n<\/ul>\n<p>This new Splunk integration for Sophos Firewall is a great complement to <a href=\"https:\/\/www.sophos.com\/en-us\/products\/next-gen-firewall\/ecosystem-central.aspx\">Sophos Central cloud-based Firewall Reporting<\/a> for 
doing on-premise reporting or for integrating Sophos Firewall into your Splunk SIEM solution.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>How to Get Started<\/strong><\/p>\n<p>You will need SFOS v18 MR1 build 396 or later running on your Firewall to participate in this early access program.<\/p>\n<p>Full details on the pre-requisites, download links, and setup instructions are here on the <a href=\"https:\/\/community.sophos.com\/sophos-central-integrations\/sophos-splunk-apps-for-sophos-xg-firewall\/b\/announcements\/posts\/splunk-integration-for-sophos-xg-firewall\">Sophos Community<\/a>.<\/p>\n<p>Get more information and share your feedback on the <a href=\"https:\/\/community.sophos.com\/sophos-central-integrations\/sophos-splunk-apps-for-sophos-xg-firewall\/\">community forums<\/a>.<\/p>\n<p>Visit the Sophos Partner Portal for <a href=\"https:\/\/partners.sophos.com\/prm\/English\/c\/selling-sophos-firewall\">product and sales resources<\/a> on Sophos Firewall.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The product team is pleased to announce the Early Access Program (EAP) for our new Splunk integration and apps for Sophos 
Firewall.<\/p>\n","protected":false},"author":19,"featured_media":3000002961,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2],"tags":[149],"coauthors":[58],"class_list":["post-3147","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-products","tag-sophos-firewall"],"jetpack_featured_media_url":"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/04\/featured-image-sophos-firewall-partner-app-icon-1600x960px.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/3147","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/users\/19"}],"replies":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/comments?post=3147"}],"version-history":[{"count":1,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/3147\/revisions"}],"predecessor-version":[{"id":3150,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/3147\/revisions\/3150"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/media?parent=3147"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/categories?post=3147"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/tags?post=
3147"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/coauthors?post=3147"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}