What are the registry keys I can use to verify my sophos is enabled and up to date? (Winodws 11)
This thread was automatically locked due to age.
What are the registry keys I can use to verify my sophos is enabled and up to date? (Winodws 11)
Thank you for reaching the community,
For verifying the registry, you may refer to this documentation.
For update, if the endpoint is updating correctly, your endpoint status will show green/healthy status. You can also validate this by opening the Sophos UI and clicking "About," which can be seen on the lower right of the UI. A new window will appear, then click "Open Endpoint Self help tool". And go to the "Management Communication" tab once the new window appears.
Thank you for your reply
Unfortunately it does not solve my problem. I checked the documentation before and it says that it applies to:
I'm not exctly sure how to interpret Sophos Central Endpoint. I want to be able to check the registy for Sophos Intercept X - does it use the central endpoint? It's a bit unclear for me.
Based on documentation this is a value I'm interested in, but the registry key does not exist on my windows machine.
There isn't really a supportable interface via the registry for this. Nothing that says "up to date" as such but if I had to pick something for up to date state:
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\AutoUpdate\UpdateStatus
Result = 0 is good and LastUpdateTime could be used to compare against the current time taking into account some window.
The policies from Sophos Central are stored here:HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Management\Policy but as for a state that says it's working, maybe the Health status: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\Health\Status
As I say, this could all change and I think there is going to be a new set of health state under:
HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Management\SharedState\
But it isn't fully available yet.