Information on Windows Server-Side Log Files for Endpoint Security and Control

  • Article ID: 116523
  • Rating:
  • 2 customers rated this article 3.5 out of 6
  • Updated: 03 Feb 2014

This article provides information on the various log files for each of the server components in Sophos Endpoint Security and Control. The presence of the log files below will depend on whether the specific component is installed or active. For Endpoint log files see article 43391

Jump to the relevant component using the following links:

Sophos Enterprise Console

Sophos Enterprise Console.msi.log
Location C:\WINNT\Temp\ or C:\Windows\Temp
Description Installation log for Sophos Enterprise Console

Sophos_Upgrade_Assistant_log.txt
Location C:\WINNT\Temp\ or C:\Windows\Temp
Description Log of steps/checks performed by the Sophos upgrade assistant

Setup.exe.debug.log
Location C:\WINNT\Temp\ or C:\Windows\Temp
Description Debug log that detailing the identification of pre-requisites, reboot requirements and their installation

Sophos_bootstrapper mm-dd-yyyy hh_mm_ss.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Management Installer\
Windows Vista and above: C:\ProgramData\Sophos\Management Installer\
Description Details pre-requisite requirements and installation calls to MSIs

'Sophos_Console64msi mm-dd-yyyy hh_mm_ss.log' or 'Sophos_Console32msi mm-dd-yyyy hh_mm_ss.log'
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Management Installer\
Windows Vista and above: C:\ProgramData\Sophos\Management Installer\
Description Console MSI install log

Sophos Management Server

'Sophos_Server64msi mm-dd-yyyy hh_mm_ss.log' or 'Sophos_Server32msi mm-dd-yyyy hh_mm_ss.log'
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Management Installer\
Windows Vista and above: C:\ProgramData\Sophos\Management Installer\
Description Management Server MSI install log

Sophos Management Host Service

FrontEndService.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\ManagementServer\log\
Windows Vista and above: C:\ProgramData\Sophos\ManagementServer\log\
Description Management Host Service log

DirectoryService.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\ManagementServer\log\
Windows Vista and above: C:\ProgramData\Sophos\ManagementServer\log\
Description Logs interactions between plugins and directory services. Additionally logs interactions with the Management Service.

Sophos-ui-framework.log
Location Windows 2000/XP/2003: C:\Documents and Settings\\Application Data\Sophos\Sophos Endpoint Management\log\
Windows Vista and above: C:\Users\\AppData\Local\Sophos\Sophos Endpoint Management\log\
Description Logs interactions between the Sophos UI Framework and the Management Host Service

AuditingService.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\ManagementServer\log\
Windows Vista and above: C:\ProgramData\Sophos\ManagementServer\log\
Description Logs interactions with the Auditing plugin

EncryptionEFService.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\ManagementServer\log\
Windows Vista and above: C:\ProgramData\Sophos\ManagementServer\log\
Description Logs interactions with the Encryption plugin

IdentityService.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\ManagementServer\log\
Windows Vista and above: C:\ProgramData\Sophos\ManagementServer\log\
Description Logs actions performed by the IdentityService (part of auditing)

Webcontrol.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\ManagementServer\log\
Windows Vista and above: C:\ProgramData\Sophos\ManagementServer\log\
Description Details actions performed by the web control plug-ins loaded into the Management Host Service

Sophos Update Manager

SUMLog-yyyymmdd-hhmmss.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Logs\
Windows Vista and above: C:\ProgramData\Sophos\Update Manager\Logs\
Description Details downloads and distribution updates performed by Sophos Update Manager. Must be viewed with the LogViewer.exe (C:\Program Files\Sophos\Enterprise Console\SUM\LogViewer.exe)

SUMTrace-yyyymmdd-hhmmss.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Logs\
Windows Vista and above: C:\ProgramData\Sophos\Update Manager\Logs\
Description Verbose log detailing downloads and distribution updates performed by Sophos Update Manager.

SUMSelfUpdaterLog.txt
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\Decoded-SDDM\'GUID'
Windows Vista and above: C:\ProgramData\Sophos\Update Manager\Working\Decoded-SDDM\'GUID'
Description Details updates to Sophos Update Manager

Sophos Remote Management System

Agent-yyyymmdd-hhmmss.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\Agent\Logs
Windows Vista and above: C:\ProgramData\Sophos\Remote Management System\3\Agent\Logs
Description Remote Management System agent log

CMIssuedCertificates.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\CertificationManager\IssuedCert\
Windows Vista and above: C:\ProgramData\Sophos\Remote Management System\3\CertificationManager\IssuedCert\
Description Log of certificates issued by the Certification Manager

CertManager-yyyymmdd-hhmmss.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\CertificationManager\Logs\
Windows Vista and above: C:\ProgramData\Sophos\Remote Management System\3\CertificationManager\Logs\
Description Actions performed by the Certification Manager

Router-yyyymmdd-hhmmss.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\Router\Logs\
Windows Vista and above: C:\ProgramData\Sophos\Remote Management System\3\Router\Logs\
Description Actions performed by the Sophos Message Router

Sophos Patch Control

PatchDataLoader.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Patch\Logs\
Windows Vista and above: C:\ProgramData\Sophos\Patch\Logs\
Description Details actions of patchdataloader.exe including the download of identities and import into the database.

PatchEndpointCommunicator.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Patch\Logs\
Windows Vista and above: C:\ProgramData\Sophos\Patch\Logs\
Description Logs communication from endpoints

PatchEndpointOrchestrator.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Patch\Logs\
Windows Vista and above: C:\ProgramData\Sophos\Patch\Logs\
Description Details writing of endpoint information to the database

PatchFeedProcessor.log
Location Windows 2000/XP/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Patch\Logs\
Windows Vista and above: C:\ProgramData\Sophos\Patch\Logs\
Description Logs download and import actions

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments