There are two types of tamper protection event:
- Successful tamper protection
authentication events, showing the name of the authenticated user and the time
of authentication.
- Failed attempts to tamper, showing the
name of the targeted Sophos product or component, the time of the attempt, and
the details of the user responsible for the attempt.
To view tamper protection events:
You can export the list of events to a file. For
details, see
Export the list of events to a file.