I created a Threat Protection Policy and enabled Deep scan and Scheduled it for only one file server.
Today, I'm trying to find the log of the scan and see if it deleted or quarantined anything. Where can I find this?
Hi Ali,
Thanks for reaching out to the Sophos Community Forum.
If anything is detected while a scan is ongoing, you will see detections show up in Sophos Central, the same way they would be displayed if they were picked up by on-access scanning.
Logs can be found at "C:\ProgramData\Sophos\Endpoint Defense\Logs\". The default log level will only record errors or warnings.
If you wish to see further details on what is being scanned, you can use the "Tools" section of the Endpoint Self-Help tool to increase the log level under "SSPService.exe" in the "Product Logging" section.
Hi Ali,
Thanks for reaching out to the Sophos Community Forum.
If anything is detected while a scan is ongoing, you will see detections show up in Sophos Central, the same way they would be displayed if they were picked up by on-access scanning.
Logs can be found at "C:\ProgramData\Sophos\Endpoint Defense\Logs\". The default log level will only record errors or warnings.
If you wish to see further details on what is being scanned, you can use the "Tools" section of the Endpoint Self-Help tool to increase the log level under "SSPService.exe" in the "Product Logging" section.
