Audit Who did What and When

With the inclusion of role-based administration, it is more likely that different users will have different access levels in Endpoint Central application. It is very important for the administrator to review the changes done by all the users periodically and ensure that everything is smooth.

The logs will be maintained for the specified number of days. This can be configured from the top right corner of the web console by editing the action log settings. The maximum number of days is 750.

The Action Log Viewer logs every action performed by all the users along with date and time. The administrator can review the changes done by all the users and ensure correctness. The view can also be filtered user-wise and module-wise for easier analysis. Here's how:

  • The first step is to choose the Date Range. This date range is customizable.
  • The next step is to choose the necessary modules. Modules can be filtered based on your needs. If you want to view the logs for all the modules, enable the checkbox for All.
  • The last step is to choose the users. All the Endpoint Central users will be listed in drop down. If you want to view the event logs for all users, select All from the drop down.

Action Log Viewer

 

 

Host Name Collection

This feature is not applicable for Cloud

The name of the device that is used to access the Endpoint Central Server Console can also be tracked for auditing purposes. This can be done by configuring Endpoint Central's Action log viewer. To enable this feature:

  1. Login to the Endpoint Central Console. 
  2. Navigate to Admin-> Audit -> Action Log Viewer
  3. Click on Edit Action Log Settings
  4. Toggle the collect host name button.

Note: The host name may not be retrieved perfectly in all cases due to few security configurations in certain networks. In such conditions, the IP Address of the device will be displayed.

 

Alerts

Navigating to Admin -> Audit - >Alerts will display a list of Endpoint Central alerts. It is determined by the alerts you have configured throughout the product at various locations. You can filter the alerts based on various parameters such as date range, module type, alert type and alert level.

Related Features