Using Process Monitor to Capture System Events

Glenn from Sophos Support walks you through how to download process monitor, capture system events, and how to send the files to Sophos Support.
Note: Process monitor is not a Sophos Product. Issues regarding process monitor must be addressed by Microsoft.

Timestamps:
0:00 - Overview
0:48 - Download & Extract
1:12 - Capture/Clear Events
1:48 - Save .PML file
2:13 - Send to Sophos
2:53 - Boot Logging
4:00 - More Info

KBA: https://support.sophos.com/support/s/article/KB-000034769?language=en_US

Embed

Sophos Techvids

Using Process Monitor to Capture System Events

Related Videos

Sophos Endpoint: Endpoint Self Help Product Analysis Tool

Sophos Endpoint: Performance Troubleshooting with CSV Logs

Sophos Endpoint: Endpoint Self Help Tool for Windows

Sophos Central: Endpoint Migration with Sophos API

Sophos Endpoint: Sophos File Scanner Debug Logging on Windows Endpoint & Server