Sophos diagnose Utility from Console end

Question

Hi Team, 
 
 We could see a button Diagnose from console end to collect and send logs directly to Sophos. 
 But may we know that Will they be sent if logged in user don't have access over Temp folder as created logs are stored in Temp folder. 
 
 Regards, 
 Balarama Kishore Yerra

QC · Accepted Answer

Hello Balarama Kishore Yerra , 
 please see Sophos Diagnostic Utility (SDU) - How to run from Sophos Central that says ... and to automatically be uploaded to a Sophos address without the need to visit the device itself . So no user interaction or access to the folder is required. 
 Christian

jak · Answer

The zip file will be uploaded to Sophos at the end. It will be sent by "C:\Program Files (x86)\Sophos\Sophos Diagnostic Utility\uploader.exe" https://community.sophos.com/kb/en-us/133466 
 I'm not sure what you're getting at regarding the user having access? MCS Client service (MCSClient.exe) picks up the action message from Central to run a diagnose task. It passes a message to the MCS Agent service (MCSAgent.exe). The Agent process is running as local system and creates the process: "C:\Program Files (x86)\Sophos\Sophos Diagnostic Utility\uploader.exe" -uploadurl sdu-feedback.sophos.com/.../[endpointid]_[Date Time].zip Uploader then calls: "C:\Program Files (x86)\Sophos\Sophos Diagnostic Utility\sducli.exe" -logdir=C:\WINDOWS\TEMP\sdu\ -archive=[endpointid]_[Date Time].zip 
 Sducli.exe creates the zip file given the filename and path. At the end the zip is uplaoded to https://sdu-feedback.sophos.com by uploader.exe. 
 If you want to be able to generate the zip files (i.e. drop them to disk) but not send them, I guess you'd have to block https://sdu-feedback.sophos.com in some way. 
 Regards, 
 Jak