Sophos Antivirus - client relay script

dkucmierz
Contributor

!/bin/bash

echo "<result>"$(cat /Library/Sophos Anti-Virus/RMS/MRInit.conf | grep -e "ParentRouterAddress" | cut -d"=" -f 2 | cut -d"," -f 3 | tail -1 | sed 's/.{2}$//')"</result>"

5 REPLIES 5

rob_potvin
Contributor III
Contributor III

What does this do? I get the result bill

Thanks

ctangora
Contributor II

This returns the server that Sophos gets its policies from, correct?

dkucmierz
Contributor

This is only useful if you're in a large environment with Sophos Message Relay servers. This returns the Message Relay server the client is pointed to, which is kept in mrinit.conf. This is the server uses to send and receive it's status and policy updates

tkimpton
Valued Contributor II

Yep it the mrinit.conf that's they key :)

Actually useful for all types of environments and not just large ones! I am in a small environment with many Windows and Mac laptop users and I need to know and see if there are threats on the machines.

mcnaugha
New Contributor

I use this CLI in my scripts. It's a little simpler. The one above doesn't seem to work for me.

head -n 12 /Library/Sophos Anti-Virus/RMS/MRInit.conf | tail -n 1

I wouldn't say it's only useful for Message Relay Environments. Any SEC-managed environment might need to confirm this line is correct.