Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Tell if Sophos is working - many 'Failed' in logs

Greetings, I am brand new to this community... looking forward to understanding Sophos better.

The point of this first post.  How can I determine if Sophos is running as it should?... I recently looked at Sophos log files at C:\ProgramData\Sophos\Sophos Anti-Virus\logs

When I run a scan, it takes very long time, then looks to finish but shows last scan was not current. Looking in the log files.. there are approaching half of the lines indicating 'Failed' (4600 lines in 11000 total)

Several years ago we moved to Office 365 and OneDrive. One of the things IT has done was to move what looks to be all of My Documents, Desktop, pictures etc to OneDrive. As I understand it, with this in place... setting up a new computer is expedited in that these locations come automatically to the new computer as soon as the user's account is logged into.

Is Sophos compatible with scanning locations that are in OneDrive?

 

 



This thread was automatically locked due to age.
Parents
  • Hi  

    You can check if the Sophos is running fine and is to up-to-date on your machine from the UI itself, you can check this article for more information. For the log files of items being scanned by Sophos endpoint, you are looking into the correct directory(C:\ProgramData\Sophos\Sophos Anti-Virus\logs), please refer to this article for the location of all the log files. What are the error messages you are seeing under the logs, could you please help me with those errors? Sophos does scan onedrive files, you can also manually scan the files, and check under the AV scanning logs. 

    Shweta

    Community Support Engineer | Sophos Technical Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
    The New Home of Sophos Support Videos! - Visit Sophos Techvids
  • I attempted to upload SAV-Trace.txt.  (I edited out references to user names and the like.)

    Errors and Failed typically are... 

    Warning: Failed to sweep object

    error code = 0xa0040202

    Error code = 0xa004021a

    Error code = 0xa0040210

     

     

    0878.SAV-Trace.txt

     

     

     

     

  • Hi  

    Thank you for the information.

    I'd recommend you to refer sav.txt file to check the scan results, as this is the file which keeps the track of all detections, scans or virus definition updates done by Sophos AV.

    You'll have better visibility over what errors have occurred and Anti-virus provides error while scanning the encrypted files and the files where Sophos doesn't have proper permissions to read them.

    Regarding, one drive scanning locations, they are synced with the locations of the hard drive like my document, download and etc. These drive-based folders will be scanned during the scheduled scan and when someone will try to access any file from one drive which is apart from these folders, they will be scanned by the on-access scanner.

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support

    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

Reply
  • Hi  

    Thank you for the information.

    I'd recommend you to refer sav.txt file to check the scan results, as this is the file which keeps the track of all detections, scans or virus definition updates done by Sophos AV.

    You'll have better visibility over what errors have occurred and Anti-virus provides error while scanning the encrypted files and the files where Sophos doesn't have proper permissions to read them.

    Regarding, one drive scanning locations, they are synced with the locations of the hard drive like my document, download and etc. These drive-based folders will be scanned during the scheduled scan and when someone will try to access any file from one drive which is apart from these folders, they will be scanned by the on-access scanner.

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support

    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

Children
No Data