Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 4321 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Log file for all changes made on Enterprise Console?

chaunka420

Hi,

I couldn't find any log files for all changes made on the latest version of the enterprise console (5.1.0.389).  Ex.  You set Sophos to run a scheduled scan.  Is this action logged somewhere?  This would be nice for tracking what changes over time have been made to your console.  

:34301


This thread was automatically locked due to age.
  • 0

    Hi,

    Auditing is coming in SEC 5.2 which shouldn't be too far off.

    Regards,

    Jak

    :34303
  • 0

    thanks.  wish I had it for now though. haha.

    :34309
  • 0

    Hi,

    could you tell when SEC 5.2 will be available?

    Regards

    Marcus

    :34957
  • 0

    Hi Jak,

    I read  your comment with great interest, as I am asking for this feature now for many years.

    Would you have any more information on this auditing? What gets audited, if there is an ETA on when this is planned to come out?

    Not even a month ago I logged a support query with Sophos and I was told that this feature isn't available nor were there any plans for it.

    ************

    Your Question:
    Is it possible to find out from Sophos (or the database) who did these actions?

    Answer:
    This feature is at the moment not available. At this stage we can not say unfortunately when this feature is implemented.

    ************

    The question was:

    Description: We noticed that someone accessed Sophos and changed the Application Control policy to allow some software (Firefox) that previously was being blocked.
    Is it possible to find out from Sophos (or the database) who did these actions? Is there anything like auditing, events or logfiles where we can track who used the Sophos Enterprise Console and what changes where done? (similar to Windows Events).

    ************

    Many thanks

     André

    :35049
  • 0

    Hi Andre, I suspect that the reason why you were given that information is a breakdown in communications between Dev and Support, or possibly the timeframe between asking the question and the new feature being implimented.

    That being said we do not communicate prototype design decisions as often the actual solution will change over time or in some cases may be abandoned until a later date, or in some cases postponed indefinitely. Granted it would be nice to be able to say all of the things we do work on however often it is not practical as things change over time. However promising to deliver everything we want to and continually failing to do that would probably upset pretty much everyone so where possible we try to avoid that until things are pretty much ready to ship / Beta stages.

    Regarding the level of auditing I cannot comment on that as I am not working on that feature, hope this clears things up.

    :35055
  • 0

    Hi JoltCube,

    thanks very much for your reply. I fully understand the reasoning behind it. I was just curious, as the audit logs is a whishlist on my part (rather a must have in our environment) and I just felt like a kid wanting to have an early peek at the christmas present that would be coming :smileywink:

    Kind regards

    André

    :35057
  • 0

    Hello André,

    have an early peek

    you can have more than a - not that much but nevertheless early - peek if you take part in the Beta (it will be announced on this page). It is, apart from bug-hunting, an opportunity to influence the design to a certain extent. 

    Christian

    :35117