24 hours to be emailed notification of malware.

My EAP v2 beta 0.3 endpoint notified me of malware at 4:33pm yesterday, and basically 24 hours later I received notification from Central.

Not sure if this was a Central hiccup or a delay in the endpoint heartbeat notifying Central.

  • Was the malware cleaned up when detected or was there an issue or an outstanding action?

  • In reply to jak:

    It wasn't actually malware, just something I was legitimately using that Sophos categorized as malware. Understandable, though I'd sooner put it in PUA, as it was an Ethereum miner program, specifically the Claymore miner. It asked for manual cleanup; I simply approved its hash and all was well.

    The issue as admin is that there was a 24 hour delay in email notification for some reason. It's one thing for this to happen on my own station when testing and acknowledging the endpoint popups, another thing for a user to see and ignore, then no warning email hit my inbox. I did grab an SDU in case we needed it.

    I did note when grabbing the SDU that Sophos Clean is currently stopped, and Management is showing that it hasn't communicated since around that same time. The system will be rebooted to see if those 2 issues resolve themselves.