This article provides further information on the process for running and obtaining the Sophos Diagnostic Utility (SDU) when triggered from Sophos Central.
This process allows the Sophos Diagnostic Utility (SDU) to be run from Sophos Central Admin on a Central managed Windows computer/server or macOS computer, and its output to be uploaded automatically to a Sophos address, without the need to visit the device itself.
The following sections are covered:
To run the Sophos Diagnostic Utility on a device:
From Sophos Central you can view the current status of the Sophos Diagnostic Utility being run. This can be found by scrolling to the bottom of the Windows computer/server Summary page to the Sophos Diagnostic Utility Status section.
This section displays:
The following screenshot shows the status when the Diagnose has been triggered:
Status shows the tool is currently Running on the device. Last Run shows when the command to run the utility was sent to the device. File Name shows the file name of the diagnostic log created on the device and uploaded to Sophos. The filename consists of the Sophos computer/server ID followed by the date/time stamp.
The following screenshot shows the status when the utility has completed running:
After running the utility, provide the File Name specified at the bottom of the Summary page for the computer/server in any communication with Support:
When the utility is run, this action is logged in the Audit Log. This can be accessed under Logs & Reports > Audit Logs. The log entry will display:
We store the command to run the Sophos Diagnostic Utility for up to 14 days. If the device is turned on within this time frame, the command will be run once communication with Sophos Central takes place. If the device is turned off for longer than 14 days, the command to run the Sophos Diagnostic Utility will be deleted.
The zip file created as part of this process is uploaded to the sophos.com domain using HTTPS (port 443). Access to this domain and port is already required for successful installation, registration and subsequent communication between a Sophos Central computer/server and Sophos Central Admin, as detailed in the article Sophos Central: Domains and ports required for communication to and from Sophos Central Admin and the Sophos Central managed endpoint, so you should not need to make any further changes to allow the upload to succeed.