This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Threat detection Log sample

Hello,

I have a log sample from Sophos Data Control module. I need such a sample from the threat detection module. Can someone post such a log sample please?

2014-11-21 16:39:04 INFO: InsertedAt=2014-11-21 21:38:59; EventID=4129451; EventTime=2014-11-21 21:39:00; EventTypeID=7; EventType=Data control; Name=; ReportingName=Virtualization images; UserName=MYDOMAIN\username; ActionID=4; Action=Alert only; ScanTypeID=; ScanType=; SubTypeID=; SubType=; ComputerName=MYMACHINE; ComputerDomain=MYDOMAIN; ComputerIPAddress=10.10.10.10

Thank you,

Doron

This thread was automatically locked due to age.

Parents

0 exa-doron over 10 years ago

Christian,
Thank you for your quick reply.
I found what I was looking for. It was a Viruses/spyware event type:
2014-10-24 15:09:04 INFO: InsertedAt=2014-10-24 22:07:33; EventID=123456; EventTime=2014-10-24 22:07:15; EventTypeID=1; EventType=Viruses/spyware; Name=Troj/Regin-Fam; ReportingName=Troj/Regin-Fam; UserName=MYMACHINE\doron; ActionID=116; Action=Blocked; ScanTypeID=201; ScanType=On access; SubTypeID=0; SubType=Other type; ComputerName=MYMACHINE; ComputerDomain=MYDOMAIN; ComputerIPAddress=10.10.10.10
Doron
:54916
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 exa-doron over 10 years ago

Christian,
Thank you for your quick reply.
I found what I was looking for. It was a Viruses/spyware event type:
2014-10-24 15:09:04 INFO: InsertedAt=2014-10-24 22:07:33; EventID=123456; EventTime=2014-10-24 22:07:15; EventTypeID=1; EventType=Viruses/spyware; Name=Troj/Regin-Fam; ReportingName=Troj/Regin-Fam; UserName=MYMACHINE\doron; ActionID=116; Action=Blocked; ScanTypeID=201; ScanType=On access; SubTypeID=0; SubType=Other type; ComputerName=MYMACHINE; ComputerDomain=MYDOMAIN; ComputerIPAddress=10.10.10.10
Doron
:54916
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data