I have created a new data control policy where destination is optical or removal storage, allow transfer and log event and for any of the default files. The policy works to a degree however there are some interesting results.
I have two excel doc's, now if I open doc A and file save as to the removable media nothing gets logged nor do I receive a triggered email? on the client this doesn't even register that an event had taken place? and in the sec console nothing?
If I drag & drop doc B to the removable storage bingo, events are logged both on the client and sec console and I receive my triggered email.
I have sent Sophos all the information, diag logs and even the XML policy however still no joy?
This thread was automatically locked due to age.
