On-Premise Endpoint

Sophos Endpoint Software Possible to get notification of a specific virus being found?

On-Premise Endpoint requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 2 replies
Subscribers 1 subscriber
Views 1233 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Possible to get notification of a specific virus being found?

JustinDevereaux over 15 years ago

Is it possible to get Sophos to email me if it finds a specific virus or any of its variants, specifically W32/Stuxnet-B?

Cheers

JD

This thread was automatically locked due to age.

0 QC over 15 years ago

Hello JD,

no, it's about all or none. But do you have that many detections that it matters?

Christian
:4044
Cancel
Vote Up 0 Vote Down

Cancel
0 Placebo over 15 years ago

You could make a script that checks the sophos database with the following query:
SELECT tb1.name As Computer, tb2.FirstDetectedAt, tb2.ThreatName, tb2.FullFilePath
FROM ComputersAndDeletedComputers AS tb1, ThreatInstancesAll AS tb2
WHERE tb2.ThreatName LIKE '%Stuxnet%'
AND tb2.ComputerID = tb1.ID
ORDER BY tb2.FirstDetectedAt DESC
If one or more rows is returned Sophos has found a Stuxnet variant on your network.
:4087
Cancel
Vote Up 0 Vote Down

Cancel