- Overview
- CylanceON-PREM architecture
- Steps to get started with CylanceON-PREM
- Requirements: CylanceON-PREM
- Configuring the CylanceON-PREM virtual appliance
- Migrating to the most recent version of CylanceON-PREM
- Configuring the CylanceON-PREM console
- Log in to CylanceON-PREM
- Administrative dashboard
- Filter lists
- Export lists
- CylanceON-PREM policies
- Setting up the CylancePROTECT agent
- Adding the CA certificate to endpoints
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Manually update the Linux driver
- Upgrading the CylancePROTECT Desktop agents
- Using virtual machines
- Manage devices in CylanceON-PREM
- Threat management in CylanceON-PREM
- CylanceON-PREM Global lists
- CylanceON-PREM Administration
- Managing CylanceON-PREM users
- Managing roles
- Update profile information
- CylanceON-PREM audit logs
- Managing Certificates
- Setting up email notifications for CylanceON-PREM
- CylanceON-PREM Settings
- Upgrade CylanceON-PREM
- Reboot the virtual appliance
- Configure session timeout
- Update CylanceON-PREM SSL certificate version 1.3.1 and later
- Update CylanceON-PREM SSL certificate version 1.2.2.1 and earlier
- Change the certificate cipher mode
- Enable maintenance mode
- Change network settings
- Check an IP address
- Change the log level
- Download logs
- Configure syslog/SIEM settings
- Update database connection settings
- Configure active directory
- Configure identity provider settings
- Using certificate-based authentication
- Add a banner to the login screen
- Applications
- CylanceON-PREM API
- Troubleshooting
- Agent not communicating with CylanceON-PREM
- Web browser reports insecure webpage
- Unable to connect to external database
- Configure static IP using the OVF tool
- Remote server 404 error in log files
- Log in with a local administrator account
- Online Certificate Status Protocol issues
- A user is not receiving email notifications
- Before you contact support
- BlackBerry Docs
- CylanceON-PREM
- Cylance ONPREM Administration Guide
- CylanceON-PREM Administration
- CylanceON-PREM audit logs
CylanceON-PREM audit logs
CylanceON-PREM
audit logsYou can review the audit log for information on various actions performed from the
CylanceON-PREM
console. You can view audit logs by clicking Audit Logs
on the menu bar of the console. When you deploy
CylanceON-PREM
for the first time, it creates a system account (First Name=system and Email=system@onprem.local) that is used in Audit Logs to identify actions taken by the system versus actions taken by a CylanceON-PREM
user. For example, the system account is used when the system applies a policy to a device as a result of a policy rules match.Event | Actions |
|---|---|
Agent Update | Edit |
Device | Edit, delete |
Global List | Create, delete |
Login | Success, failure |
Logout | Success, failure |
Policy | Create, edit, delete |
Policy Rule | Create, edit, delete, auto policy applied The Audit Log will have one entry per device when a rule is automatically applied because conditions were met. |
Role | Create, update, delete |
Tag | Create, update, delete, assigned |
Tag Rule | Create, update, delete, auto tag applied The Audit Log will have one entry per device when a rule is automatically applied because conditions were met. |
Threat | Quarantine, waive, global quarantine, safe list |
User | Create, edit, delete, assigned |
Virtual Appliance Update | Enable or disable maintenance mode |
- To filter entries in this list to find information faster, click
. - To export entries in this list to use in other applications, click
.