Hi,
We quickly rolled out Sophos last year to our environment and did not have the time to look into configuring/utilizing all available features due to several other projects. We are now at a point where things have slowed down and we would like to revisit how we use Sophos. We have our policies set and Sophos has been doing it's job. The main area that we have not configured is our reporting. Right now this is entirely a manual process where we open the Enterprise Console, use the Events tab and search through our Web Control and Application Control Events. These are very concise and detailed reports for our purposes, but it appears that we do not have the option to schedule these as a task or configure a report with similar parameters under the Reports section.
In fact, the actual Reports section seems very limited and not practical at all for our use, as we do not have detailed information on what application/website was blocked, on what computer, by what user, at what time. The existing reports rather just tally the total amount of events for the specified time frame.
With that being said, is there a way in the SEC to automate the creation of the Application Control & Web Control Events reports? The built in export to .CSV doesn't even seem to work properly as it lists all the data in rows without columns.
I appreciate any assistance or tips that can be provided here.
Thank you,
This thread was automatically locked due to age.
