Sophos Firewall XG App for Splunk

This app provides event breaking, field extraction, CIM compliance and visualizations for using Sophos XG data in Splunk. It was created with, and is compatible with, the current 19.5.0 XG Firewall version.

This app is an upgraded version of the official Sophos add-on 'Sophos Next-Gen Firewall', also available on Splunkbase (https://splunkbase.splunk.com/app/6187). It replaces any Sophos XG add-on that you might have. You can also combine apps if you want, and use only the 'TA part' or the 'DA part' of this app.

It contains the same base configuration as the official add-on, and adds:
- better parsing and field extraction
- better CIM compliance coverage
- a full web interface to visualize the data, for security incident investigation, network and performance troubleshooting, etc.

Notes, links and the installation procedure are available in the README file in the app folder.