Activity Logs

The Activity Log section allows you to track and review actions performed by users across various modules. It provides a clear overview of system activity for auditing and monitoring purposes.

The Page Display

The log is displayed in a grid format with the following columns:

  • Date & Time – Timestamp of the activity.
  • Modified By – The user who performed the action.
  • Item Modified – The item or entity that was changed.
  • Log – A description of the action taken.

Filtering Options

You can refine the log view using filters:

  • Modified By: Click the Add button on the top menu bar to filter by specific users.
  • Date & Time: Use the dropdown to select a custom time range.

Activities Captured in the Log

Incident Activities

  • Create and edit incidents
  • Assign incidents
  • Change priority
  • Close incidents
  • Upload documents
  • Flag as suspicious, false positive, or true positive
  • Execute playbooks manually

Alert Activities

  • Perform remediation actions
  • Add alerts to the whitelist

Rule Builder Activities

  • Create custom rules
  • Edit rules
  • Delete rules
  • Enable or disable rules

Whitelist Rule Activities

  • Add whitelist rules
  • Edit whitelist rules
  • Delete whitelist rules

Threat Hunt Activities

  • Create alerts manually