Output configuration
You can output the device's configuration from the command line. This lets other applications check security settings easily, rather than using methods like accessing the registry.
You can only output a pre-defined list of Sophos Central policy settings that the device uses.
You use the command-line tool sophosinterceptxcli.exe. This tool is available in the following location: C:/Program Files/Sophos/Endpoint Defense.
Sign in as an administrator. If you don't, the tool can't access the configuration data.
Query configuration
To output configuration, use the query command with the configuration subcommand and, optionally, the setting you want.
query configuration [policy setting] [--name] [--json]
Policy settings
Currently only one policy setting can be output.
| Policy option | Description |
|---|---|
| on_access_scan_enabled | Enable real-time scanning |
Parameters
| Parameter | Description |
|---|---|
| --json | Outputs the configuration in JSON format. |
| --name | Outputs the named policy option only. |
--name might be useful in future when the query can output multiple options.