Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Answers 2 answers
  • Subscribers 10 subscribers
  • Views 3208 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

File Integrity Monitoring

Lisa Busby

Hi All,

 

We have rolled out file integrity monitoring. My question is can someone share with me how they are reviewing these events daily? We have a central log monitor, but since Sophos does not write any detail to the event's general message, only in the detail, it is of no use to us. My only option at this time is to manually review each server's event log daily which is not practical. There are no events in Sophos Central other than to indicate monitoring status. So really, at this point, it is only a tool we can use when researching an event that was detected by other means and not something we can use for proactive monitoring. Thanks.



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to Badrobot

    I have setup writing to my eventlog, but all events have the same message "FIM Event" while everything else it written under the details tab of the event. Because of this, my 3rd party reporting tools are useless which is why I was asking what others are using.

Children
Unfiltered HTML