After installing Sophos, the Tasy Java Management System is slow

Good afternoon.

After installing Sophos Intercept X Advanced with XDR on a machine, the computer and our Tasy Java Management System (Philips) are very slow.

We performed some global exclusions with Tasy directories, as well as server IPs exclusions.

Even so, computers are slow.

Does anyone here use this management system and managed to get a configuration that works effectively?


Thank you very much in advance.


Rodolfo Alves Antunes Miranda



Added tags
[edited by: Gladys at 8:34 AM (GMT -7) on 16 Sep 2022]
Parents
  • Do you find that the SophosFileScanner.exe process, i.e., the "worker" (larger mem usage than the "host" SophosFileScanner.exe) is talking CPU time with real-time scanning enabled?  If so, this would suggest scanning is taking place of files.

    If that's the case, I would disable tamper protection and create the DWORD LogLevel, set to 4, under the key: 
    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Sophos File Scanner\Application
    Then restart the Sophos File Scanner service.

    The log file: C:\ProgramData\Sophos\Sophos File Scanner\Logs\sophosfilescanner.log, after a while of the problem taking place can be opened in Notepad++
    I would search for all lines which start:

    \t\t\t"path"

    That is 3 tabs before the "Path".  These are scan responses. E.g.

    The search results will give you an idea of what is being scanned if that is helpful.

    Or I suppose you could tail the log in real-time with a filter:

    gc "C:\ProgramData\Sophos\Sophos File Scanner\Logs\SophosFileScanner.log" -wait -tail 1 | where {$_ -match '\t\t\t\"Path"'}

    or to filter out the log file, as it's constantly changing:

    gc "C:\ProgramData\Sophos\Sophos File Scanner\Logs\SophosFileScanner.log" -wait -tail 1 | where {$_ -match '\t\t\t\"Path"' -and $_ -notmatch 'SophosFileScanner.log"'}

  • Good afternoon.
    Thank you for all the guidance you gave us. This alternative helped us a lot to identify all the necessary directories. We had a very positive result with the correct settings.
    Thank you very much!

  • Glad to hear it helped!

    Out of interest, was it certain files being constantly changed in a couple of locations?  I am interested to know more if you can share.

    Thanks

  • There were no changes to the files.
    We just left a few directories behind.

Reply Children
No Data