Central: More actions: Diagnose (create SDU) has lack of documentation

Hello LHerzog,

Thank you for reaching out to the Sophos Community. The most detailed guidance regarding the SDU tool can be found in the following two links. 

How to locate and download: https://support.sophos.com/support/s/article/KB-000033500?language=en_US
Running the SDU tool and sending logs to support: https://support.sophos.com/support/s/article/KB-000033508?language=en_US

I will reach out to our documentation teams to see if we can get the content in the Central Admin Help guide reviewed so that we include some links that redirect customers to the documentation above. 

In regards to obtaining the logs yourself after the upload process, this can only be done by Sophos Support at this time. If you wish to see this opened up to customers in the future, I recommend submitting a feature request. 
- https://ideas.sophos.com/forums/285723-endpoint-protection

If you run "Diagnose" from Central, it will leave the zip file in the system user's temp directory, e.g. \windows\temp\.. I believe the zip is in a sub-folder under \windows\temp named "sdu-<pid>".  You could grab that yourself with what ever agent or C$ access you might have to the computer.

"C:\Program Files (x86)\Sophos\Sophos Diagnostic Utility\sducli.exe" is essentially what gets called and sduconfig.xml is the config which defines the files to collect and commands to run.  So you could run that through whatever means you may have.

that's good information, would be really cool, to add such knowledge into the documentation!

thanks Sophos User930

thanks Qoosh for contacting the Doc-Team