Sophos XG Firewall: Where to find log files?


  • This article describes how to find and view the log files on the Sophos XG Firewall from the graphical user interface and the command line interface and also details how to enable debugging.

How to find log files

All log files are available via the graphical user interface (GUI) and the command line interface (CLI), in the Advanced Shell.

Finding logs in the graphical user interface

In SFOS version 17, the Log Viewer can be found in the upper right-hand corner of the GUI by clicking on the Log Viewer link.

Finding logs in the advanced shell

Connecting to the advanced shell

  1. To connect using SSH, you may use any SSH client to connect to port 22 of the SFOS device.
  2. Select option 5 Device Management.
  3. Select option 3 Advanced Shell.

Advanced shell commands

In the Advanced Shell, you can find the log files in the /log directory. These commands can be used to view the text in different ways. Commands are explained with examples below each one, variables such as path or filenames are enclosed in < > symbols.

The tail -f command shows the log file’s latest entries.

  • tail –f /log/<logfilename>.log Shows the log file’s latest entries.

The less command shows static log files. You can also match keyword within the logs.

  • less /log/<logfilename.log> 

The grep command applies a search filter for the keyword within the logs.

  • grep <Keyword> /log/<logfilename>.log 

The service command will start/restart/stop/debug a service.

  • service <service name>:start/restart/stop/debug –ds nosync 

Be the first to comment

Leave a Reply

Your email address will not be published.