Configure Sophos Central

Generate the API Token 

The following information is required to configure Sophos Central for Beats:

• API KEY
• Authorization
• API Base URL

These three configuration keys are created by generating the API Token from the Sophos Central web console.

1. Open the Sophos Central web console: https://central.sophos.com/manage/login. 
2. In the menu on the left, select Global Settings. 
3. In the center pane, click API Token Management, and then click Add Token. 
   The Add Token dialog box appears.
4. Enter a Token Name and click Save.
   

   

   
   The token is generated and appears on the API Token Summary screen.

5. Copy the URL, x-api-key, and authorization required to configure Sophos Central. 
   

   

• The generated token applies to all products. Therefore, after you generate a token, logs for all products are available in the Beat. No extra configuration is required when additional products are added.
• Copy the Authorization Key with the Basic prefix. Not using the required Basic prefix in the authorization key will result in a 401 unauthorized error in the Beat.

Configure a System on Sophos Central

The following installation takes 10–15 minutes.

1. In the menu on the left, select Protect Devices.
   

   

2. In the center pane, click Choose Components. 
   The Component Installation Options dialog box appears.
3. From the list of products provided, select the products you want your installer to register for, and then click Download Installer.
   

   

4. After the installer is downloaded, double click the executable to install Sophos Central on your machine.
   

   

   

   In some cases, you will be prompted to restart your system. Installation resumes automatically after your system restarts.
5. To verify the installation and registration in Sophos Central, from the menu on the left, select Endpoint Protection. 
6. Select the name of the product installer you downloaded, and from the menu on the left, select Computers. 
   The list of systems registered appears.
   

   

Generate Logs

Logs are generated when a user visits a malicious link.

A Sophos Alert notification appears on screen, blocks access to the link, and generates a log in Sophos Central.

View and Export Logs

1. In the menu on the left, select Endpoint Protection, and then select Computers.
   The list of registered systems appears in the center pane.
   

   

2. Select the system you want.
3. On the Summary Tab, click View More.
   

   

4. To view a detailed list of logs, click View Events Report.
   

   

   
   A list of logs for the selected system appears.  
5. Use the filters at the top of the center pane to configure the log set for export.
   
6. To Export logs, on the bottom of the screen on the right, click Export.
   

   

7. Select the report format, and the logs export begins.