Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 9 subscribers
  • Views 2874 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Reliably determine the Sophos client AV version from log files?

LWS

Hello all,

I wish to determine the version of Sophos client AV from a log file so I can monitor version information daily from our monitoring tool. I see that the SAV.txt file contains version information, but I can not find any information that states how often/why this file is updated with the version information.

For example, is this file only updated after a scan, and not after the Sophos client AV version is updated and therefore will not contain the latest version information?

I can also see an autoupdate log file but the format appears to be suited for a Sophos log viewing client which I cannot use.

Is there any way to reliably determine the version number of Sophos client AV from the log files?

 

Cheers.



This thread was automatically locked due to age.
Parents
  • 0

    Hello LWS,

    short answer: Not possible

    Long answer starting with a question:
    What will you do with this version information or what could it possibly tell you?
    The SAV version proper (e.g. 10.8.1) changes every few months and mainly indicates software functionality. The threat detection engine version (e.g. 3.72.1) also changes infrequently. The detection data libraries (currently 5.51) are updated roughly monthly and individual detection data (IDEs, right now 198) are added several times a day (and when this happens you get the This version can detect 20502470 items line). To determine whether the product is up to date you should check whether the latest data protection updates have been received.

    Christian

Reply
  • 0

    Hello LWS,

    short answer: Not possible

    Long answer starting with a question:
    What will you do with this version information or what could it possibly tell you?
    The SAV version proper (e.g. 10.8.1) changes every few months and mainly indicates software functionality. The threat detection engine version (e.g. 3.72.1) also changes infrequently. The detection data libraries (currently 5.51) are updated roughly monthly and individual detection data (IDEs, right now 198) are added several times a day (and when this happens you get the This version can detect 20502470 items line). To determine whether the product is up to date you should check whether the latest data protection updates have been received.

    Christian

Children
No Data
Unfiltered HTML