This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central Notifications - No emails ever sent

We used to use SEC and this all worked fine.  We mainly used to use Email notifications to monitor when users were plugging in USB devices, and it also used to send us an email detailing which files had been copied.

When we moved to Sophos central, it appeared it might have been lesser functionality but atleast there was some functionality but for us atleast it simply doesn't at all.

In Global Settings > Configure email Alerts we have tested just leaving it default, then we have tried custom rules with internal and external email address but Sophos never ever sends any emails.

We have tested Setting High Alert, Medium and Info from hourly, daily to Immediately and still nothing is ever sent.

If I look at a person or device I can see events are getting logged but no emails are ever generated. 

If I change settings in Peripheral control such as making devices read only, or change desktop messaging these settings are all reflecting ok on the clients.  Plugging a USB device in creates an Informational Event entry which should send an email ... but doesn't

Any advice, because for now its almost useless, especially if we do encounter ransom or malware and sophos system doesn't work right.

I ofc have checked things like spam folders, but tbh I have also do Mail flows on o365 and that doesn't show any emails ever arriving from Sophos.

To make this harder to resolve, in April we did actually get one email from Sophos central.  We had cloned a HDD and sophos central sent a medium alert email saying "We detected a clone device".  So we know emails aren't getting blocked by us, its simply sophos never sending any thing.



This thread was automatically locked due to age.
Parents
  • I am currently doing a trial with Sophos Central and I'm running into the exact same issue.

    I have downloaded an Eicar file and it ends up in the event list, but no alert is generated or send out by mail. I have set the frequency to "immediately", created custom rules and enabled all alerts.

    The alerts dashboard still shows "0 Total alerts".

    It looks like a technical issue.

  • I have configured a disk encryption policy and added a device to it, that in turn generated an alert and an email notification.

    So the issue seems to specific to "Endpoint Protection" events.

Reply Children
No Data