Note This feature will be unavailable if your license doesn't include Exploit
Prevention.
If you use role-based administration, you must have the Exploit
Prevention right to view exploit prevention events in Sophos Enterprise Console.
To view exploit prevention events:
-
On the Events menu, click Exploit
Prevention..
The Exploit Prevention - Event Viewer dialog box
appears.
-
In the Search period box, click the drop-down arrow, and
select the period for which you want to display the events.
You can either select a fixed period, for example, Within 24
hours, or select Custom and specify
your own time period by selecting the starting and ending dates and times.
-
If you want to view events for a certain User or
Computer, enter the name in the respective field.
If you leave the fields empty, events for all users and computers will be
displayed.
You can use wildcards in these fields. Use ? for any single character and *
for any string of characters.
-
If you want to view events associated with a certain type, in the
Type field, click the drop-down arrow and select the
type.
-
Click Search to display a list of events.
- You can export the list of exploit prevention events to a file.
- You can exclude exploit prevention events from exploit prevention.