Sophos XG Integration not working correctly

[dLoProdz]

Sophos XG intergration seems to be broken.

After connecting a Sophos XG firewall to the UTMS instance by using the provided integration:

1. The data source type appears as 'Generic'
2. Logs ARE received, but there is a _grokparsefailure

Expected behavior

I would expect the integration not only to recognize the correct device type but also to successfully parse and decode the logs for effective field extraction.

Environment

• OS: UTMS running on Ubuntu 22.04,
• OS: Sophos SFVH (SFOS 20.0.2 MR-2-Build378)
• Browser: Firefox, Chrome
• Version: 10.5.7

[osmontero]

I will move this to discussions until it become confirmed as a bug