Sophos Log Writer - Finding out of date machines

I am looking to use the Sophos Log Writer and Splunk to alert our support teams to machines that are not “up to date” so they can be investigated.

I know how to edit the SophosLogWriterConfig.xml to call different data sources, but can’t see a .config file that contains the “Up to Date” or “Last Message Received” information.

Is this possible with the Log Writer? I can see references to a ComputerControl.config file in other community posts, but I don’t seem to have this.

Ultimately, we just want to identify any machines that may have a client issue, so happy to use another field if there is something more appropriate?

Thanks for any advice!

  • Just in case anyone else is interested, I have logged this with Sophos.

    I think you can get this kind of info from the Reporting Interface, but I suspect the Log Writer only works with events rather than host info, and a machine turning from up-to-date to not-up-to-date is not considered an event.

    I'll confirm if/when I get clarification from Sophos support. Depending on your needs, it could be something to consider when planning your reporting set-up (especially before spending money on Splunk or some such).
