This is the main log file and, by default, contains information about the protected registry key settings and alterations, items that were blocked as well as attempts to access the registry, processes and protected files.
Records the start and end time of each trickle feed and the number of events processed when Threat cases are generated. This file has the process name and its start and stop time. Sophos Endpoint Defense utility install actions; this is the enhanced tamper protection module.
Sophos AMSI operation logs. There will only be one. This logs profile changes, whether the Windows Firewall is turned on or off, the status of applied policy, 3rd party registered firewalls, blocked applications, as well as component errors. Maximum size of 10MB and 1 rotation. A summary of the data in SophosFileScanner.
Contains FIM Service logging, configuration settings, feed application, policy parsing content, data batch creation, writing of events to Windows Event Log, and Tamper Protection status. The maximum log size is 5MB and rotates up to 4 times. Shows the Sophos Health Service version and the status of all existing Sophos services. The name of the stopped Sophos service will be listed here. The default log level is information level, with 4 logs rotation and 1MB each.
For detailed information on configuring the logging, see Sophos Heartbeat and Health logs. Configuration and preflight for the Sophos Health utility install. This file has the version of the Heartbeat and the status of the connection to the Sophos Firewall.
Default maximum size of 1MB and 4 logs rotation. Configuration and preflight for the Sophos Heartbeat Utility Install. Contains information related to CryptoGuard ransomware protection and exploit mitigation. Details the application of policies and other communications pulled down from Central servers.
Maximum log rotation of 4 and size limit of 1MB. Details the communications between the endpoint and Central servers. This has the preflight and configuration of the MCS install — includes the registration token.
There are three standard logs, dbos, osquery. The logs are rotated at 10MB size, there are 5 iterations for each log file, and the max-age for an archived log is 30 days. Each archived log is compressed with gzip. Sophos Client Firewall log. Use the Sophos Client Firewall Log viewer to view the information.
Sophos Client Firewall installation log. Sophos Client Firewall custom actions log. Sophos Data Control log. Turn on verbose logging as described in "Sophos Anti-Virus for Windows: How to enable verbose data control logging"; this holds a maximum of 4 logs in rotation. Sophos Device Control log. Maximum of 4 logs in rotation by default. Sophos Endpoint Defense logs. Log of the Sophos Endpoint Defense installation. Log of process accesses detected by Malicious Traffic Detection and basic errors.
Sophos Patch installation log. Sophos Patch Control session detailing communication between computer and server, with 5 logs in rotation. The rotation occurs when the service restarts. Remote Management System agent log. Maximum of 8 logs in rotation. The rotation occurs at each start of the Sophos Agent service.