The Events page shows events on the computer or server, for example threats detected.

Restriction You may not have all the features described here. This depends on your license.

You can filter events, for example to show only events that require you to take action, or search for specific types of events.

The Events list

The list shows:

  • The severity. An icon on the far left of the list shows whether the event is high priority, medium priority, or a notification.
  • The source. An icon on the left of the list indicates the Sophos feature that reported the event.
  • The date and time when the event occurred.
  • A description of the event.
  • A link that lets you take action (if any action is needed). This is shown only if you have signed in as an administrator.

To view details of each event, click the arrow to the right to expand it.

The actions you can take are the same as those available in Sophos Central Admin See the list on the Alerts page in Sophos Central Admin help.

You can filter events by the following types:

Event type


Malware and PUAs

Malware is a general term for malicious software. It includes viruses, worms, Trojans and spyware.

Potentially unwanted applications (PUAs) are programs that aren't malicious, such as dialers, remote administration tools and hacking tools, but are generally considered unsuitable for most business networks.

Web threats

Web threats include malicious websites, uncategorized websites, and risky downloads.

Some websites are also generally considered unsuitable for business networks, for example adult websites or social media. These can be blocked.

Malicious behavior

Malicious behavior is suspicious behavior detected in software that is already running on the computer or server.

Ransomware is malicious software that denies you access to your files until you pay a ransom.

Controlled Items

This category includes:

  • Applications that are not a security threat, but that you decide are unsuitable for use in the office.
  • Peripherals and removable media.
  • Risky downloads or websites that are inappropriate for the office.
  • Files containing sensitive information (like personal or financial details) that you don't want to leak.

Malicious Traffic

Malicious traffic is traffic between computers that indicates a possible attempt to take control of the computer or server (a “command and control” attack).


Exploits that Sophos can prevent include application hijacking and exploits that take advantage of vulnerabilities in browsers, browser plug-ins, Java applications, media applications and Microsoft Office applications.