This article provides the details on collecting diagnostic logs from Sophos MTR for Linux agent on systems
Applies to the following Sophos product(s) and version(s) Central Managed Threat Response [MTR] for Linux
The diagnose tool gathers all logs from the MTR Base agent , all plugins and audit log.
To run the command run:
This will output a tar.gz file to the current directory where the command was run.
To specify where the diagnostic output file should be created, run the command with selected directory as the first argument. For example to output the diagnostic log collection to "/tmp":
# /opt/sophos-spl/bin/sophos_diagnose /tmp
The verbosity or debug level of the logs can be changed by editing the file " /opt/sophos-spl/base/etc/logger.conf" and changing the value for VERBOSITY and then a restart of SSPL is required to pick up the change.
The value will be reset to info following the next update or restart.
To run the installer with debug logging, the following command can be used:
Related information / See also [this is an optional section, select or delete ONE or both of these options. Add links to other info/kbas as required.]
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.