Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 14 subscribers
  • Views 3823 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Live Discover Query to identify application trying to access specific remote port

Tiago Bianchini1

Hi

I want to detect what program in a Windows PC with Sophos Endpoint is trying to access a service running at a specific port in other equipament in my network.

Its possible to do that with at Sophos Central, with Live Discovery?



This thread was automatically locked due to age.
Parents Reply Children
  • FormerMember
    0 FormerMember in reply to Tiago Bianchini1

    if you are looking to investigate something in the past then you would have to get our XDR product which has a data lake that retains the data for a specified amount of days. Live Discover is a 'What's happening RIGHT NOW' service. All the data avail in  Live Discover is avail in the data lake.

  • 0 in reply to FormerMember

    Thank you, with your sugestion, I've found what was looking for:

    "Network activity of a process on a specific remote port (Data Lake)"

    Unfortunatelly, didn't found information for PC I was analysing.  Were I can found what data, and from what machine, are going to Sophos Data lake.

Unfiltered HTML