Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 5725 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Event ID description

Dhillon

Where can I get a list of the Sophos endpoint Event IDs

Eg.

Event ID 32 is for Malware detected

Event ID 16 is Adware and PUA

Event ID 52 is Application Control

Cheers

Dhillon

:7337


This thread was automatically locked due to age.
  • 0

    If you enable the SNMP component of Windows it will install the executable evntwin.exe.

    If you run this and then choose "Custom", then "Edit" you can browse the event sources.  If you start with "Application" - "Sophos Anti-virus" you'll see on the left the resource strings.  SAVOnAccess in the System log is also worth a look.

    Hope that helps.

    Jak

    :7339
  • 0

    thanks there are a lot of events!

    the main events seem to be under "Sophos Anti-Virus"

    so does each event correspond to a category (as per my first thread)? i didnt see a column or a way to add it

    :7505
Unfiltered HTML