View the tamper protection log

The tamper protection log shows two types of event:

  • Successful tamper protection authentication events, showing the name of the authenticated user and the time of authentication.
  • Failed attempts to tamper, showing the name of the targeted Sophos product or component, the time of the attempt, and the details of the user responsible for the attempt.

You must be a member of the SophosAdministrator group to view the tamper protection log.

To view the tamper protection log:

On the Home page, under Tamper protection, click View tamper protection log.
For information about the Home page, see About the Home page.
From the log page, you can copy the log to the clipboard, or email, or print the log.

To find specific text in the log, click Find and enter the text you want to find.