The tamper protection log shows two types of
event:
-
Successful tamper protection authentication events, showing the
name of the authenticated user and the time of authentication.
-
Failed attempts to tamper, showing the name of the targeted
Sophos product or component, the time of the attempt, and the
details of the user responsible for the attempt.
You must be a member of the SophosAdministrator group
to view the tamper protection log.
To view the tamper protection log:
From the log page, you can copy the log to the clipboard, or
email, or print the log.
To find specific text in the log, click Find and enter the text you want to
find.