Audit log information: General administration Skip Navigation

Audit log information: General administration

The following table lists the information that is added to the audit log for administrative actions that impact multiple
Cylance Endpoint Security
features. You can use the filtering options in the console to filter the audit log results.
Category
Action
Details
Agent Update
Edit
Rule:
<rule name>
; Zones:
<zones>
; Agent Version:
<version>
; Optic Version:
<version>
; Persona Version:
<version>
Agent Update
Edit
Tier:
<tier name>
; Zones: N/A; Agent Version:
<version>
; Optic Version:
<version>
; Persona Version:
<version>
Custom Update Rule
Add
Custom updater rule:
<rule name>
; Zones:
<zones>
; Agent Version:
<version>
; Optic Version:
<version>
; Persona Version:
<version>
Custom Update Rule
Remove
Custom updater rule
<rule ID>
is deleted.
Device
Add
Device:
<device name>
; Zone:
<zone name>
Device
Edit
Renamed:
<original name>
to
<new name>
; Policy Changed:
<old policy>
to
<new policy>
; Zones Removed:
<zone names>
; Zones Added:
<zone names>
; Agent Logging Level Changed:
<original value>
to
<new value>
; Agent Self Protection Level Changed:
<original value>
to
<new value>
Device
Remove
Devices:
<device names>
Login
Success
Provider: CylancePROTECT, Source IP:
<IP address>
Login
Failure
Policy
Add
Policy:
<policy name>
, Detection Settings changed from
<change details>
Policy
Edit
Policy:
<policy name>
:
<change details>
Policy
Remove
Policy:
<policy name>
Syslog
Disabled
Syslog disabled.
Syslog
Settings Save
{
<configuration_settings>
}
Tenant Configuration
Update
Updated custom domain name to
<name>
.
Tenant Role
Add
Role:
<custom role name>
Tenant Role
Edit
Role:
<custom role name>
Tenant Role
Remove
Role:
<custom role name>
User
Add
User:
<username>
; Role:
<role type>
User
Edit
User:
<username>
; email:
<user email>
User
Remove
Users:
<user names>
Zone
Add
Zone:
<zone name>
; Policy:
<policy name>
; Value:
<"High" / "Low" / "Normal">
Zone
Edit
Renamed:
<original name>
to
<new name>
; Current Policy:
<policy name>
; Policy Applied To All Devices In Zone:
<TRUE / FALSE>
; Values Assigned:
<"High" / "Low" / "Normal">
Zone
Remove
Zones:
<zone names>