There does not seem to be any information on what the component is and does. Can anyone explain, and with as many details as possible? (I will take whatever I can get though)
This thread was automatically locked due to age.
How about providing a link? KBA125044 returns nothing but this thread on Google/Sophos search.
Taking a look at the Sophos Data Recorder service ("C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe") it appears to use the "NT Kernel Logger" event trace session and creates once called SophosDataRecorderKernelTrace.
Process Monitor creates"PROCMON TRACE", Process Explorer creates "PROCEXP TRACE", etc..
The SophosDataRecorderKernelTrace uses a number of providers I assume to monitor events it's interested in. You can see this looking at the above session properties.
This data (types of data collected) appears to be in files stored here: "C:\ProgramData\Sophos\Sophos Data Recorder\data\") is presumably correlated when there is an event (beacon), E.g. detect eicar, into the data that feeds the RCA reports in Central, i.e. the data behind the artifacts and the info used to create the visualisations.
It logs to:
C:\ProgramData\Sophos\Sophos Data Recorder\logs\sdr.log
Taking a look at the Sophos Data Recorder service ("C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe") it appears to use the "NT Kernel Logger" event trace session and creates once called SophosDataRecorderKernelTrace.
Process Monitor creates"PROCMON TRACE", Process Explorer creates "PROCEXP TRACE", etc..
The SophosDataRecorderKernelTrace uses a number of providers I assume to monitor events it's interested in. You can see this looking at the above session properties.
This data (types of data collected) appears to be in files stored here: "C:\ProgramData\Sophos\Sophos Data Recorder\data\") is presumably correlated when there is an event (beacon), E.g. detect eicar, into the data that feeds the RCA reports in Central, i.e. the data behind the artifacts and the info used to create the visualisations.
It logs to:
C:\ProgramData\Sophos\Sophos Data Recorder\logs\sdr.log