Navigate to Logging > Audit Logs to view the audit logs created by Threat Defender. Audit logs aggregate reported events from the user and asset logs, system logs, as well as threat intelligence incident logs.
The chart displays the events logged in the previous 24 hours over time and by category.
You can filter the audit log entries using the filter field above the table. Alternatively, you can filter the log table by hovering the mouse over one of the cells and clicking or . By clicking you include matching elements in the filtered results. By clicking you exclude the respective elements from the results.
The audit logs table displays the logged events with the following information:
|Created At||The date and time the audit log event was created in Threat Defender.|
|State||The state of the logged event, i.e. whether it was successful or failed.|
|Tag||The tag assigns the event to a certain log.|
|Action||The action logged by the event.|
|Message||A message describing the event.|
|Username||The login name of the user involved in the event.|
|User IP Address||The IP address of the user involved in the event.|
1. Event Details
To see further details on an audit log entry, click in the last table column or double-click its row.
If you click the link in the Message entry, you can directly access the relevant screens, e.g. the event details page in the respective log.