Disclaimer: Please contact Sophos Professional Services if you require assistance with your specific environment.
Overview
This article provides a bash script to find the versions of installed Sophos Protection Linux components and verify that all components are installed. As Sophos Protection for Linux does not have a user interface to use to check this, you can use the script below instead.
Applies to the following Sophos products and versions
Sophos Protection for Linux.
Code:
#!/bin/bash SC="\e[31m" TC="\e[91m" EC="\e[0m" GRC="\e[32m" DIR1="/opt/sophos-spl/base/bin/versionedcopy" DIR2="/opt/sophos-spl/plugins/av/bin/avscanner" DIR3="/opt/sophos-spl/plugins/eventjournaler/bin/eventjournaler" DIR4="/opt/sophos-spl/plugins/runtimedetections/bin/runtimedetections" DIR5="/opt/sophos-spl/plugins/edr/bin/edr" DIR6="/opt/sophos-spl/plugins/liveresponse/bin/liveresponse" if [ -f "$DIR1" ]; then echo echo ----------------------- echo Checking base component echo ----------------------- echo cat /opt/sophos-spl/base/VERSION.ini echo sleep 1 else echo ----------------------- echo Checking base component echo ----------------------- echo echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC echo -e $TC " $DIR1 not present" echo -e $SC XXXXXXXXXXXXXXXXXXX $EC fi if [ -f "$DIR2" ]; then echo echo -------------------------- echo Checking avscanner plugin echo -------------------------- echo cat /opt/sophos-spl/plugins/av/VERSION.ini echo sleep 1 else echo -------------------------- echo Checking avscanner plugin echo -------------------------- echo echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC echo -e $TC " $DIR2 not present" echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC fi if [ -f "$DIR3" ]; then echo echo ------------------------------ echo Checking eventjournaler plugin echo ------------------------------ echo cat /opt/sophos-spl/plugins/eventjournaler/VERSION.ini echo sleep 1 else echo ------------------------------ echo Checking eventjournaler plugin echo ------------------------------ echo echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC echo -e $TC " $DIR3 not present" echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC fi if [ -f "$DIR4" ]; then echo echo -------------------------------- echo Checking runtimedetections plugin echo -------------------------------- echo cat /opt/sophos-spl/plugins/runtimedetections/VERSION.ini echo sleep 1 else echo -------------------------------- echo Checking runtimedetections plugin echo -------------------------------- echo echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC1 echo -e $TC " $DIR4 not present" echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC fi if [ -f "$DIR5" ]; then echo echo ------------------- echo Checking edr plugin echo ------------------- echo cat /opt/sophos-spl/plugins/edr/VERSION.ini echo sleep 1 else echo ------------------- echo Checking edr plugin echo ------------------- echo echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC echo -e $TC " $DIR5 not present" echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC fi if [ -f "$DIR6" ]; then echo echo ---------------------------- echo Checking liveresponse plugin echo ---------------------------- echo cat /opt/sophos-spl/plugins/liveresponse/VERSION.ini echo sleep 1 else echo ---------------------------- echo Checking liveresponse plugin echo ---------------------------- echo echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC echo -e $TC " $DIR6 not present" echo -e $SC XXXXXXXXXXXXXXXXXXXX $EC fi sleep 2 echo --------------------------------- echo Checking sopho-spl service status echo --------------------------------- rm -rf /tmp/splpresent systemctl list-unit-files > /tmp/splpresent if grep -q 'sophos-spl.service' /tmp/splpresent; then echo -e $GRC 'sophos-spl service present' $EC sleep 1 echo Checking active status echo . sleep 1 echo . sleep 1 echo . rm -rf /tmp/splsvcstatus systemctl status sophos-spl > /tmp/splsvcstatus sleep 1 if grep -q 'Active: active' /tmp/splsvcstatus; then echo -e $GRC 'sophos-spl service is active' $EC elif grep -q 'Active: inactive' /tmp/splsvcstatus; then echo -e $SC 'sophos-spl service is not active' $EC fi else rm -rf /tmp/splnotfound systemctl status sophos-spl 2> /tmp/splnotfound if grep -q 'Unit sophos-spl.service could not be found' /tmp/splnotfound; then echo -e $SC 'sophos-spl service could not be found' $EC fi fi
Run the Script to verify the installation of SPL components
NOTE: The components of Sophos Protection for Linux are installed according to the license. If your license is eligible to install all of the listed components and you do not see some present, please contact Sophos Support.
In Windows:
In Linux
Script Output: By running the script, it should display an output like the one seen in the screenshot below: Note: The output is generated from a Linux machine running SPL version 1.2.0
If you are able to see the product name and the product version along with other build information, this confirms that the components are successfully installed.