Using Sophos Central Groups

Is there any easy way to add a range of endpoints to a group?

If I go to Endpoint Protection/Computers and select a range of devices (like based on version of operation system or status) there is no option to add them to a group.

Where as in Groups there is very limited options to choose devices to add them.

All I want is to add a range of Win 7 devices with medium or bad status to a group.


Edited TAGs
[edited by: Qoosh at 9:55 PM (GMT -8) on 2 Feb 2023]
  • Hi Stuart,

    Thanks for reaching out to the Sophos Community Forum.

    If you would like to automatically move devices to groups based on the device's health, this may be possible by using Sophos Central API's. The /endpoint-groups post function allows you to move devices into groups, and the /endpoints get function will allow you to query the status of devices. 

    Could you elaborate on what you're looking to do with this? Would Heartbeat be an alternative?

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Thankyou Kushal, I'll look into using the API.

    I thought it would be easier to group endpoints in bulk depending on certain criteria more than it currently is, especially considering some users have thousands of devices, like we do.

    I don't know if I'm wanting to use groups in a way its not designed, but I would like to quickly select and group certain endpoints (depending on a number of different status) that I can then query with Live Discover, and keep a close check on all in one group or similar.

  • I too had the same question and was surprised by the limited options; how to bulk add a filtered selection of Devices to a Group using the Sophos Central menu options rather than an API.

    Bulk reorganising Devices using Groups would clearly be a helpful function, even more so as Devices can only be a member of a single group. I agree with Stuart, adding Devices via the Group edit screen is limited and inefficient displaying only the Device name, and no filtering options beyond selecting Windows, Mac, or unassigned devices, and the Search field only searches Device name and no other metadata.

    Perhaps Sophos could introduce Tags to target policies at which would offer more flexibility than Groups alone.

    An example of why this would be helpful: We might use Groups to gather Devices belonging to a Dept and target policies accordingly, but then another policy might need to target all Windows 10 devices and these could be across a variety of Dept Groups.

    Groups still remain a helpful and efficient way of targeting policies vs. the per-Device, but they currently are limited in usability.