Daily Scan NAS Share with Intercept X Advanced

The command:

C:\Program Files\Sophos\Endpoint Defense\SophosInterceptXCLI.exe scan \\fs\server --verbose --noui --expand_archives

might do what you want.

C:\ProgramData\Sophos\Sophos UI\Logs\SophosScanCoordinator.log is the log but it writes to stdout with noui as per the output of:

SophosInterceptXCLI.exe scan help

Note: you will get emails for detections for this scan providing they are enabled.  It will also create events locally in the UI as per normal detections. Also in the Application Event log. Source "Sophos System Protection".

E.g.
C:\Program Files\Sophos\Endpoint Defense>SophosInterceptXCLI.exe scan \\fs1\web --verbose --noui --expand_archives

\\fs1\web\exploit.docx (1%)
\\fs1\web\exploit.docx (Detected as 'Mal/DocDl-C' type: 'Malware')
...
\\fs1\web\test\payload.html (16%)
\\fs1\web\test\payload.html (Detected as 'Troj/DocDl-AGDX' type: 'Malware')
\\fs1\web\old\web_images\bg.png (17%)
...
\\fs1\web\public_html\s\uploaded_files\0.jpg (100%)

Detections:
\\fs1\web\exploit.docx (Detected as 'Mal/DocDl-C' type: 'Malware')
\\fs1\web\test\payload.html (Detected as 'Troj/DocDl-AGDX' type: 'Malware')

Scan summary:
Detections: 2
Clean files: 132
Unscanned files: 0
Inaccessible files: 0

Regards,

Thanks for your answer.

Unfortunately, SophosInterceptXCLI.exe is not available in my installation.

Thanks for your answer.

Unfortunately, SophosInterceptXCLI.exe is not available in my installation.

You might need 2022.1. You could ask support to move you on to it. Thanks.

You might be able to get it by adding one computer to the EAP as a test. It just depends on if your account has been migrated. Maybe worth a try.

Our installed Version is 2021.3.1.11 and it shows that it is up to date.

I'll contact the Sophos Support. 

Thanks for your Help!