Hello
Could someone provide me with a log of the Sophos Antivirus? Thanks in advance
I am trying to make a filter for Sophos Antivirus, for which I need to know the fields that its log has, so an example of a log showing all the fields it saves would be great.
They only told me to look for this information about Sophos Antivirus, but I can't find any antivirus log; I only find examples of the firewall.
The following article may explain why you are finding limited information in the log folders for "Sophos Anti-Virus".
- Sophos Intercept X for Windows: Product architecture changes
The "Sophos File Scanner" component will be used for on-access scanning in the next-gen agent. It uses an ML engine for the decision-making process, so the information you're able to gather from the logs may be limited.
If you were looking to test the behaviour observed when a detection is raised, I recommend using an EICAR file to test detection features. As SophosUser930 mentioned, this will be recorded in the Windows Event logs.
If I had to pick one log outside of the APIs and the Windows Application Event log, it would be "C:\ProgramData\Sophos\Endpoint Defense\Logs\ssp.log". It does have HMPA detections as well, e.g.
A Process with path C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe detected as PrivGuard
Eicar example:
A File C:\temp\eicar.txt belongs to virus/spyware 'EICAR-AV-Test' (Technical support reference: c7587ff519feda6ee503ab2bb6b72047bef50c5b0e62f812c1c10aa540130904)
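As an added illustration (not from this thread, and not Sophos's own code or a documented format), here is a small SIEM-side filter that extracts fields from the two ssp.log line shapes quoted above. The field names (`category`, `path`, `threat`, `mitigation`, `reference`) are my own choice, and the sample lines are constructed to match the quoted ones; lines that match neither shape are dropped rather than guessed at.

```python
import json
import re
from typing import Iterable, List, Optional

# Constructed sample input in the shapes quoted in the thread; not a real ssp.log capture.
SAMPLE_LINES = [
    r"A Process with path C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe detected as PrivGuard",
    r"A File C:\temp\eicar.txt belongs to virus/spyware 'EICAR-AV-Test' "
    r"(Technical support reference: c7587ff519feda6ee503ab2bb6b72047bef50c5b0e62f812c1c10aa540130904)",
    "Service started",  # unrelated line: the filter must ignore it, not misparse it
]

# HMPA (exploit mitigation) line: "A Process with path <path> detected as <mitigation>"
HMPA_RE = re.compile(r"^A Process with path (?P<path>.+?) detected as (?P<mitigation>\S+)$")

# On-access AV line: "A File <path> belongs to virus/spyware '<threat>' (Technical support reference: <hex>)"
# The reference block is optional so a line without it still yields path and threat.
AV_RE = re.compile(
    r"^A File (?P<path>.+?) belongs to virus/spyware '(?P<threat>[^']+)'"
    r"(?: \(Technical support reference: (?P<reference>[0-9a-fA-F]+)\))?$"
)


def parse_ssp_line(line: str) -> Optional[dict]:
    """Return a normalised event dict for a known ssp.log line, or None if the line is not a detection."""
    line = line.strip()
    m = HMPA_RE.match(line)
    if m:
        return {
            "source": "ssp.log",
            "category": "hmpa_detection",
            "path": m.group("path"),
            "mitigation": m.group("mitigation"),
            "raw": line,
        }
    m = AV_RE.match(line)
    if m:
        return {
            "source": "ssp.log",
            "category": "av_detection",
            "path": m.group("path"),
            "threat": m.group("threat"),
            "reference": m.group("reference"),  # None when the line carries no reference
            "raw": line,
        }
    return None


def parse_log(lines: Iterable[str]) -> List[dict]:
    """Filter a stream of ssp.log lines down to structured detection events."""
    return [event for event in (parse_ssp_line(l) for l in lines) if event is not None]


if __name__ == "__main__":
    # Emit one JSON object per detection, the shape most SIEM collectors ingest directly.
    for event in parse_log(SAMPLE_LINES):
        print(json.dumps(event))
```

Because the log is not a supported interface, the regexes are anchored at both ends and any line that does not match is discarded; a new line shape in a later product version then shows up as a gap in coverage rather than as a malformed event in the SIEM.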
Excuse my insistence, but I can't solve my problem; I can't get the log I'm looking for, so I want to explain myself again. I do not have Sophos installed; I am only looking for a log from the Sophos antivirus integration for a SIEM, which, if I am not mistaken, is Sophos Intercept X. Do they not have any log of this type that they could provide me, or at least some description of the fields of the antivirus logs? Thank you
The logs aren’t a supported or documented interface into the operation of the product. The official interface is the Sophos Central APIs to retrieve such data in a structured way.