Enabling a diagnostic 'message trail' of Sophos Management Communication System

  • Article ID: 119608
  • Rating:
  • 2 customers rated this article 5.5 out of 6
  • Updated: 22 Jan 2014

This article details how to configure a diagnostic 'message trail' for Sophos Management Communication System (MCS).  Enabling a message trail may be request by Sophos Support to troubleshoot issues. 

Known to apply to the following Sophos product(s) and version(s)

UTM Managed Endpoint (Windows 2000+)
Sophos Cloud

What To Do

  1. Stop the following services:
    • 'Sophos MCS Agent'
    • 'Sophos MCS Client'
  2. Locate the 'Config' directory of MCS:
    • Windows XP/2003: 'C:\Documents and Settings\All Users\Application Data\Sophos\Management Communication System\Endpoint\Config\'.
    • Windows Vista+: C:\ProgramData\Sophos\Management Communication System\Endpoint\Config\'.
  3. Open 'Config.XML' in a text editor such as Notepad.

    Note: It is recommended you first take a backup of the file 'Config.XML' before committing any changes to the current file.

  4. Locate the section:
    Note: if it does not exist it may be created within the main 'Configuration' section.

    Add a new line between the tags (case sensitive):
    So it reads:
  5. Save 'Config.xml'.
  6. Start the following services:
    • Sophos MCS Agent'
    • 'Sophos MCS Client'
  7. To confirm enabling message trails has been successful, locate the directory:​
    • Windows XP/2003: 'C:\Documents and Settings\All Users\Application Data\Sophos\Management Communication System\Endpoint\Trail\'.
    • Windows Vista+: C:\ProgramData\Sophos\Management Communication System\Endpoint\Trail\'.
  8. Each message sent will be represented as a XML file where the file name hints at the purpose of the message:
    • Type will be either: 'status', 'event', 'policy'.
    • Component will be: 'SAV', 'ALC' (AutoUpdate), APPSPROXY.
  9. Important: Once you have captured the message files required, remember to disable the setting by repeating the steps above but setting the value to of ​'diagnosticTrailEnabled' to 0 or removing the line '<diagnosticTrailEnabled>1</diagnosticTrailEnabled>'.  
    Failure to do so will fill up the hard disk over time with XML files.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent