With the inclusion of role-based administration, it is more likely that different users will have different access levels in Endpoint Central application. It is very important for the administrator to review the changes done by all the users periodically and ensure that everything is smooth.
The logs will be maintained for the specified number of days. This can be configured from the top right corner of the web console by editing the action log settings. The maximum number of days is 750.
The Action Log Viewer logs every action performed by all the users along with date and time. The administrator can review the changes done by all the users and ensure correctness. The view can also be filtered user-wise and module-wise for easier analysis. Here's how:
This feature is not applicable for Cloud
The name of the device that is used to access the Endpoint Central Server Console can also be tracked for auditing purposes. This can be done by configuring Endpoint Central's Action log viewer. To enable this feature:
Note: The host name may not be retrieved perfectly in all cases due to few security configurations in certain networks. In such conditions, the IP Address of the device will be displayed.
Navigating to Admin -> Audit - >Alerts will display a list of Endpoint Central alerts. It is determined by the alerts you have configured throughout the product at various locations. You can filter the alerts based on various parameters such as date range, module type, alert type and alert level.