Audit Logs
Navigate to Logging > Audit Logs to view the audit logs created by Threat Defender. Audit logs aggregate reported events from the user and asset logs, system logs, as well as threat intelligence incident logs.
The chart displays the events logged in the previous 24 hours over time and by category.
You can filter the audit log entries using the filter field above the table. Alternatively, you can filter the log table by hovering the mouse over one of the cells and clicking to include or to exclude matching elements in the filtered results.
Event Details
Click in the last table column or double-click its row to display the entry in a separate audit log page.
The table displays the following information:
Field |
Description |
---|---|
Created At |
The date when the audit log event was created in Threat Defender. |
State |
The state of the logged event, i.e. whether it was successful or failed. |
Action |
The action logged by the event. |
Tag |
The tag assigns the event to a certain log. |
Message |
A message describing the event. If applicable, this entry provides a link to the relevant screens. |
Username |
The login name of the user involved in the event. |
User IP Address |
The IP address of the user involved in the event. |