To set up Sophos XG Collector, follow the procedures below:
- Enable Sophos XG Collector
- Install the XDR Collector
- Configure the Firewall
- Open port on the XDR Collector Host
Enable Sophos XG Collector
- In Barracuda XDR Dashboard, navigate to Administration > Integrations.
- On the Sophos XG Collector card, click Setup.
- Select the Enable check box.
- Click Save.
Install the XDR Collector
- If you haven't already set up the XDR Collector, do one of the following:
Configure the Firewall
Go to System Services > Log settings and click Add.
Enter a name.
Specify the settings.
Type 9208 in Port.
Your Syslog server must use port 9208.Click Save.
Go to Log settings and select the logs you want to send to the syslog server.
Open port on the XDR Collector Host
Ensure incoming traffic is allowed on UDP port 9208.
Linux
sudo ufw allow 9208/udp
Windows
netsh advfirewall firewall add rule name=“Sophos XG Firewall Events” dir=in action=allow protocol=UDP localport=9208