Monitoring Sophos XG Firewall with Elastic Beats (Filebeat, Metricbeat & Packetbeat)
Our company is a Sophos MSP in Brazil and our customers are Families where we want to provide security on the Internet for kids, teenagers and the Family.
I want to know if it's possible to integrate the Elastic Beats (Filebeat, Metricbeat & Packetbeat) on Sophos XG Firewall to collect and send information about logs, performance, and network to Elastic Stack.
Elastic Stack is our SIEM and we'll send all endpoint and mobile information to there with Elastic Beats.
Follow a video that I made to show theses agents working on Sophos XG 105 Firewall:
I'm nothing using iView or send the logs to a Log Server because each XG Firewall will be placed on Customer Home, and because that I can't have a Log Server for each Home and I'll apply Machine Learning for all that Data (Endpoint, Mobile and Firewall).
Is possible to integrate these Elastic Beats on Sophos XG Firewall?
As a Sophos MSP, we also would like to see integration with Elastic. Integration with the XG is good, as would be integration with Sophos Central to pull events into Elastic.