diff --git a/packages/sophos/_dev/build/docs/README.md b/packages/sophos/_dev/build/docs/README.md index 773304a919e..e7ef23223bf 100644 --- a/packages/sophos/_dev/build/docs/README.md +++ b/packages/sophos/_dev/build/docs/README.md @@ -4,8 +4,8 @@ The Sophos integration collects and parses logs from Sophos Products. Currently it accepts logs in syslog format or from a file for the following devices: -- `utm` dataset: supports Astaro Security Gateway logs. -- `xg` dataset: supports Sophos XG SFOS logs. +- `utm` dataset: supports [Unified Threat Management](https://www.sophos.com/en-us/support/documentation/sophos-utm) (formerly known as Astaro Security Gateway) logs. +- `xg` dataset: supports [Sophos XG SFOS logs](https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts/Logs.html). To configure a remote syslog destination, please reference the [SophosXG/SFOS Documentation](https://community.sophos.com/kb/en-us/123184). @@ -20,7 +20,7 @@ Versions above this are expected to work but have not been tested. ### Utm log -The `utm` dataset collects Astaro Security Gateway logs. +The `utm` dataset collects Unified Threat Management logs. {{fields "utm"}} diff --git a/packages/sophos/changelog.yml b/packages/sophos/changelog.yml index 5280809e22f..31177383db5 100644 --- a/packages/sophos/changelog.yml +++ b/packages/sophos/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.2" + changes: + - description: Update Readme to include links to Sophos's documentation. Also used the latest product name for Astaro + type: enhancement + link: https://github.com/elastic/integrations/pull/3160 - version: "2.2.1" changes: - description: Format source.mac and destination.mac as per ECS for the UTM data stream. diff --git a/packages/sophos/docs/README.md b/packages/sophos/docs/README.md index 7d950b445d8..2c688f303f4 100644 --- a/packages/sophos/docs/README.md +++ b/packages/sophos/docs/README.md 
@@ -4,8 +4,8 @@ The Sophos integration collects and parses logs from Sophos Products. Currently it accepts logs in syslog format or from a file for the following devices: -- `utm` dataset: supports Astaro Security Gateway logs. -- `xg` dataset: supports Sophos XG SFOS logs. +- `utm` dataset: supports [Unified Threat Management](https://www.sophos.com/en-us/support/documentation/sophos-utm) (formerly known as Astaro Security Gateway) logs. +- `xg` dataset: supports [Sophos XG SFOS logs](https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts/Logs.html). To configure a remote syslog destination, please reference the [SophosXG/SFOS Documentation](https://community.sophos.com/kb/en-us/123184). @@ -20,7 +20,7 @@ Versions above this are expected to work but have not been tested. ### Utm log -The `utm` dataset collects Astaro Security Gateway logs. +The `utm` dataset collects Unified Threat Management logs. **Exported fields** diff --git a/packages/sophos/manifest.yml b/packages/sophos/manifest.yml index dfe23ea68ab..edc91b80221 100644 --- a/packages/sophos/manifest.yml +++ b/packages/sophos/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: sophos title: Sophos Logs -version: "2.2.1" +version: 2.2.2 description: Collect and parse logs from Sophos Products with Elastic Agent. categories: ["security"] release: ga
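
Review bot: In the first README hunk (the same change appears in both packages/sophos/_dev/build/docs/README.md and packages/sophos/docs/README.md), the new `xg` link has `17.5` in its URL path, so it is pinned to the help pages of one SFOS release. Please confirm that this is the release the README names as tested (the context line says "Versions above this are expected to work but have not been tested"), or state in the link text which release the page documents. The new `utm` item and the changed sentence under "### Utm log" also say "Unified Threat Management" without the Sophos name; "Sophos Unified Threat Management" or "Sophos UTM" would be easier to match against the vendor's product naming.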
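
Review bot: In packages/sophos/changelog.yml, the description of the new 2.2.2 entry is two sentences and the second one, "Also used the latest product name for Astaro", has no closing period, while the 2.2.1 entry below it ends with one. Suggest a single sentence in the same style, for example "Update README to link to Sophos documentation and use the current product name for Astaro Security Gateway."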
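
Review bot: In packages/sophos/manifest.yml, the new line `version: 2.2.2` drops the quotes that the removed line `version: "2.2.1"` had, while the changelog entry added in this same patch keeps `version: "2.2.2"` quoted. Suggest keeping the value quoted as `version: "2.2.2"` so the two files stay consistent and a quoting change is not mixed into a documentation-only patch.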