This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Enterprise Console doesn't logs any hash of malicious files detected by Sophos Endpoint agent

As far as I know the hash of the files that have been detected by Sophos agent on clients are not logged (neither on Console DB or at client side) Am I wrong?

Is there a way to retrieve the MD5, SHA1 or whathever hash for the files detected as malicious from the Sophos agent running on the client?

There is also a feature request about this here:

- http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/7060110-sophos-enterprise-console-write-hash-value-in-mss

we tested this on Sophos Enterprise Console 5.2.2: does v. 5.3 includes this basic feature?

I think this feature should have high priority to support the Incident Response phases.

This thread was automatically locked due to age.

Parents

0 QC over 9 years ago

Hello DavideP,

what could be the benefit of this feature, i.e. what would one do with this information?

Christian
:56716
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 9 years ago

Hello DavideP,

what could be the benefit of this feature, i.e. what would one do with this information?

Christian
:56716
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data