Management event types

These are the event types related to managing devices and users you can see in Sophos Central.

Depending on the features included in your license, you may see all or some of the following event types. You may also see Device Encryption alerts, see Alerts for Device Encryption.

Product Updates

Event type

Severity

Action required?

Computer or server out of date

Medium

Yes

Update succeeded

Low

No

Update failed

Low

No

Reboot recommended

Low

No

Reboot required

Medium

Yes

Policy Violations

Event type

Severity

Action required?

Description

Policy non-compliance

Medium

Yes

An alert will be displayed on the Alerts page if a computer remains non-compliant for more than two hours.

Policy in compliance

Low

No

Real-time protection disabled

High

Yes

An alert will be displayed on the Alerts page if real-time protection has been disabled for a computer for more than 2.5 hours.

Real-time protection re-enabled

Low

No

Protection Issues

Event type

Severity

Action required?

Description

New computer or server registered

Low

No

Computer or server re-protected

Low

No

New computer or server protected

Low

No

Failed to protect computer or server

High

Yes

A computer has started installation of the agent software but has not become protected for one hour.

Error reported

Low

No

Scan completion

Low

No

New logins added

Low

No

New users added automatically

Low

No

Duplicate devices

Sophos Central warns you if it detects duplicate devices. If devices have been cloned from an image they have the same ID. Duplicate IDs can cause management issues. See Duplicate device detection.

Event type

Severity

Action required?

Description

Duplicate device detection

Medium

No

An alert will appear on the Alerts page if a duplicate device is detected. Duplicated devices are re-registered with a new ID.

Device de-duplicated

Low

Yes

Check that the groups and policies for the de-duplicated devices are correct.

Active Directory Synchronization

Event type

Severity

Action required?

Description

Active Directory synchronization error

High

Yes

An alert will appear on the Alerts page if an Active Directory synchronization error is not resolved automatically for more than one hour.

Active Directory synchronization succeeded

Low

No

Active Directory synchronization warning

Medium

No