Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 11 subscribers
  • Views 2248 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Email alerts on Sophos Central

Oreoluwa Babalola

Hi,

IS it possible to get alerts in my email for every detection the sophos endpoint makes on a device and how do i get that configued. I have tried, but i dont seem to be getting mails when i force some detections with my endpoint on my computer.



This thread was automatically locked due to age.
  • +1

    Hello  

    You will receive an email alert with SAV detections only if there is a required action, for example, if the threat needs to be cleaned up manually. If the detection is successfully blocked by Sophos and the threat is removed automatically by Sophos Endpoint (or any automatic remediation by the software is successfully done), then there are no email alerts sent.

    Please have a look at the Alerts Page and Settings FAQ for more information.

  • 0

    Hi Oreoluwa Babalola,

    the user has to be linked to a role in Sophos Central (Admin, Read Only, Helpdesk, etc.) or just be an administrator.

    Then go to Global Settings > Configure email alerts and configure e.g. a Custom Rule with the specific settings.
    You'll find more information here

    Best regards

    Intrusus
    Sophos Certified Engineer | Sophos Certified Technician

    private lab:
    XG firewall with SFOS 18.0.3 MR-3
    Intercept X Advanced (for Server) with EDR EAP latest
    If a post solves your question use the 'Verify Answer' link

  • 0 in reply to DianneY

    Adding onto Dianne's comment, if you want to receive email alerts for all detections you can disable "Automatically clean up malware" under the Threat protection policy.  Detections will still be blocked but will not be automatically cleaned up.  This requires an administrative action and emails will be generated for threat detections.  The downside to this is that an administrator will need to log into Sophos Central to force a clean-up of these detections.

Unfiltered HTML