Reload Historical Logs

Historical log data is an important part of the incident investigation process. When working on a specific incident, you can look back at log data for a specific period to find discrepancies that can help resolve cybersecurity issues. Log360 Cloud provides the option to reload historical logs.

To access historical logs, navigate to Settings → Admin → General → Reload Historical Logs.

You can reload specific log types for a period of your choice and also specify a retention period for the reloaded logs.

To create a new reload request:

  • Click Create Request Page.
  • Enter the Name, Devices, Log Types, the Time Period for which you would like to reload logs, and the Retention Period, which specifies the number of days the reloaded logs have to be stored.

    Note: The time refers to the uploaded time of the logs.

    Note: You can select a maximum storage retention period of 5 days.

    You can use the Criteria Builder in the Advance Criteria to reload specific logs.
  • Click Create.
  • You can check the request completion status by clicking on the Notification icon at the top-right corner of the product console.

    Note: When creating a request to reload historical logs, if the generated time and the uploaded time of the logs are different, the time range should include both.

    You can also view reports and configuration details as you scroll.

    Note: A maximum of 50 live indexes can be held at one time. If you would still like to create a new request, either delete an existing request or wait for its expiration.

    Note: Depending on your notification settings configuration, you will receive notifications for reloading historical logs through email and SMS.