ESET Online Help

Search English
Select the category
Select the topic

Audit Log

When a user performs an action in the ESET PROTECT Web Console, the action is logged. Audit logs are created if a ESET PROTECT Web Console object (for example, computer, policy, detection, etc.) is created or modified.

Audit Log is a new screen available in the ESET PROTECT On-Prem. Audit Log contains the same information as the Audit log report, but it allows convenient filtering of the displayed data. You can also directly view the filtered audit log for various Web Console objects by clicking the Web Console object and selecting audit_log Audit Log.

Audit Log allows the Administrator to inspect the activities performed in the ESET PROTECT Web Console, especially if there are more Web Console users.


important

To view the Audit log, the Web Console user must have a permission set with the Audit log functionality.


note

The Audit log permissions enables the user to view logged actions of all other users and domains, even those related to assets the user does not have sufficient rights to view.

auditing

Click a line in Audit Log and you can perform the following actions:

details_default Show Object Details

Show the details of the audited object.

icon_history Show changes

Click a Policy Audit Log and select Show changes to see the visualized comparison of the policy changes:

Settings that have been added to the policy

Settings that have been removed from the policy

Settings that have been changed in the policy

mn_icn_user_normal Show User Details

Show details of the user who performed the action on the object.

audit_log Audit Log

Show the Audit Log for the selected object.

selected_user Audit Log for selected User

Show the Audit Log for the selected user.

time_interval Time window for selected object

Show the Audit Log for the selected object with an activated filter of time occurrence.

Filtering the view

To filter, click Add Filter:

1.In some filters, you can select the operator by clicking the operator icon next to the filter name (the available operators depend on the filter type):

icon_equals equals

icon_does_not_equal doesn't equal

icon_greater_than greater than

icon_greater_than_or_equal greater or equal

icon_less_than less than

icon_less_than_or_equal less or equal

icon_contains contains

icon_starts_with starts with

icon_ends_with ends with

icon_is_one_of is one of

icon_has_no_value has no value

icon_has_value has value

2.Select one or more items from the list. Type a search string or select the items from the drop-down menu in the filter fields.

3.Press Enter. Active filters are highlighted in blue.

You can filter the table view by various criteria:

<= Occurred - Set the date and time before which the action occurred.

>= Occurred - Set the date and time after which the action occurred.

Action - Select the performed action.

Audit Domain - Select the modified Web Console object.

Audit User - Select the Web Console user who performed the action.

Result - Select the action result.