The Activity Log section allows you to track and review actions performed by users across various modules. It provides a clear overview of system activity for auditing and monitoring purposes.
The Page Display
The log is displayed in a grid format with the following columns:
- Date & Time – Timestamp of the activity.
- Modified By – The user who performed the action.
- Item Modified – The item or entity that was changed.
- Log – A description of the action taken.
-
Entity ID – The Entities listed
Filtering Options
You can refine the log view using filters:
- Modified By: Click the Add button on the top menu bar to filter by specific users.
- Date & Time: Use the dropdown to select a custom time range.
Activities Captured in the Log
Incident Activities
- Create and edit incidents
- Assign incidents
- Change priority
- Close incidents
- Upload documents
- Flag as suspicious, false positive, or true positive
- Execute playbooks manually
Alert Activities
- Perform remediation actions
- Add alerts to the whitelist
Rule Builder Activities
- Create custom rules
- Edit rules
- Delete rules
- Enable or disable rules
Whitelist Rule Activities
- Add whitelist rules
- Edit whitelist rules
- Delete whitelist rules
Threat Hunt Activities
- Create alerts manually
Note: YOu can export the activity logs in MS Excel format. Click the Export button in the top right corner to execute the same.