Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 5216 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sophos anti virus Event ids

Martin

Hi

I'm setting up Tivoli software to monitor sophos anti virus,  does anyone know what windows event id's are genterated by sophos

when a virus is detected or sophos stops running?

:345


This thread was automatically locked due to age.
  • 0

    Hi,

    I would suggest using Evntwin.exe to get the event IDs and their text. This should be installed if you add the feature "Simple Network Management Protocol (SNMP).

    Once installed run: Evntwin.exe

    Choose "Custom" as the "Configuration type" Then click "Edit".

    You can then choose the "Event sources": "Application" - "Sophos Anti-Virus"

    As a quick method, if you detect Eicar on your machine you can then check the event logs but the above method will give you access to all the messages Sophos Anti-Virus will log from the source "Sophos Anti-Virus" to the Application event log.

    I hope this helps. 

    :369
Unfiltered HTML