Sophos Cloud Endpoint protection gathering SDU logs remotely

We have users spread over the LAN and WAN. Was wondering if there is a tool /utility from where i can gather SDU logs of a pc remotely,  without having to physically go to the pc. 


  • Hello RaviManian,

    Central is the better forum in case there is a Central/Cloud specific tool or management feature (but AFAIK there is none).

    As there is no mechanism to collect the logs from a management console (Central or on-premise) it boils down to running a program remotely and either have it writing to some share or to access the endpoints file system remotely.


  • There is the sducli.exe in the same directory.

    C:\Program Files (x86)\Sophos\Sophos Diagnostic Utility>sducli.exe -help

    Sophos Diagnostic Utility version: 1.14.0
    SDU configuration file version: 1.14.0

    -help Print this help message
    -sysinfo Collect system information
    -sophos Collect logs from Sophos products
    -config="X" Use configuration file X (sduconfig.xml)
    -logdir="X" Put log file in X (default %TEMP%)


    sducli.exe -sysinfo -sophos -logdir="\\\shareone"

    Appears to work, so this might offer something?  PsExec it on a one off basis?

  • Hi everyone, 

    This feature has been taken into consideration and is now available in Sophos Central. You can refer to the following article for the same.