Hi Partners,

Today we published the New and Updated Datto RMM Components to the ComStore.

Updated Components

Sophos Central [WIN] & [macOS]

  • Scripts updated to ensure proper installation of Sophos Central Intercept X

Sophos Central Monitor [WIN] & [macOS]

  • Change the name to Sophos Central Install Monitor
  • This monitor is only used to ensure Sophos is installed on your clients devices

New Components

Sophos Central Status Monitor [WIN]

  • Dedicated Monitor for the status of the Sophos Central Endpoint
  • Verifies Sophos Central is Running and Updated
  • Checks for Threats & Suspicious Detections on the Endpoint
  • Checks for Reboots Pending and Endpoint in a Unhealthy State
  • Alerts with extra data in the Alert Details from the Endpoint

Sophos Central Status Monitor [macOS]

  • Dedicated Monitor for the status of the Sophos Central Endpoint
  • Verifies Sophos Central is running. Up-to-Date coming soon!
  • Checks to ensure the Sophos Central Extensions were enabled

The integrations documentation has also been updated for these New Components. Here

Thanks,

Steve Weber

Global Solutions Engineer, MSP

Parents
  • Hi Steve, what is the process if the machine is alerting due to not having any of the required registry keys set that the status monitor looks at?

    I assume something within the Sophos Central endpoint is setting these keys, so if the GUI is reporting healthy but the registry keys are not set the status monitor flags an alert.

    At the moment the diagnostics just show that the keys are empty, but no detection of the empty key is done in the script so is essentially a false positive (and no clues either in the documentation or KB page on how to get these keys enumerated).

Comment
  • Hi Steve, what is the process if the machine is alerting due to not having any of the required registry keys set that the status monitor looks at?

    I assume something within the Sophos Central endpoint is setting these keys, so if the GUI is reporting healthy but the registry keys are not set the status monitor flags an alert.

    At the moment the diagnostics just show that the keys are empty, but no detection of the empty key is done in the script so is essentially a false positive (and no clues either in the documentation or KB page on how to get these keys enumerated).

Children