When troubleshooting issues involving the on-access scanner, it may be necessary to log the Sophos Anti-Virus (SAV) on-access scanner actions performed on files.
Note: This level of logging should only be used for debugging purposes and should not be left enabled for long periods as it greatly increases the size of the SAV.txt log file.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Central Managed EndpointSophos Endpoint Security and Control
This procedure involves modifying your registry. Before attempting this procedure, read and understand the warning and instructions in Editing the Windows registry. Also, the tamper protection has to be disabled before doing the steps below.
When enabled, SAV.txt log can quickly fill a large number of entries and increase in size. For this reason, make sure to enable logging for a time, gather necessary troubleshooting logs and disable it.
C:\Documents and settings\all users\application data\sophos\sophos antivirus\logs
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.