McAfee EPOCDE-AA-BA Product Guide - Page 112
ePolicy Orchestrator Log Files, The Audit Log, Working with the Audit Log, Viewing the Audit Log
View all McAfee EPOCDE-AA-BA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
11 Other important server information ePolicy Orchestrator Log Files ePolicy Orchestrator Log Files Your ePolicy Orchestrator server maintains log files that chronicle various kinds of events and actions going on within the system. Contents The Audit Log The Server Task log The Threat Event Log The Audit Log Use the Audit Log to maintain and access a record of all McAfee ePO user actions. The Audit Log entries are displayed in a sortable table. For added flexibility, you can also filter the log so that it displays only failed actions, or only entries that are within a certain age. The Audit Log displays seven columns: • Action - The name of the action the McAfee ePO user attempted. • Completion Time - The time the action finished. • Details - More information about the action. • Priority - Importance of the action. • Start Time - The time the action was initiated. • Success - Whether the action was successfully completed. • User Name - User name of the logged-on user account that was used to take the action. Audit Log entries can be queried against. You can create queries with the Query Builder wizard that target this data, or you can use the default queries that target this data. For example, the Failed Logon Attempts query retrieves a table of all failed logon attempts. Working with the Audit Log Use these tasks to view and purge the Audit Log. The Audit Log records actions taken by McAfee ePO users. Tasks • Viewing the Audit Log on page 112 Use this task to view a history of administrator actions. Available data depends on how often and by what age the Audit Log is purged. • Purging the Audit Log on page 113 Use this task to purge the Audit Log. You can only purge Audit Log records by age. When you purge the Audit Log, the records are deleted permanently. • Purging the Audit Log on a schedule on page 113 Use this task to purge the Audit Log with a scheduled server task. Viewing the Audit Log Use this task to view a history of administrator actions. Available data depends on how often and by what age the Audit Log is purged. 112 McAfee® ePolicy Orchestrator® 4.6.0 Software Product Guide