Viewing user activity audit entries
Kaspersky Industrial CyberSecurity for Networks can save information about actions performed by users in the application. Information is saved in the audit log if user activity audit is enabled.
You can view audit entries when connected to the Server through the web interface. If necessary, you can also configure the forwarding of audit entries to recipient systems via connectors.
Only users with the Administrator role can view audit entries.
To view audit entries:
- Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using the Administrator account.
- Select Settings → Audit.
The table will display the audit entries that match the defined filter and search settings.
The settings of audit entries are displayed in the following columns of the table:
- Date and time
Date and time when the user action data was registered.
- Action
Registered action performed by the user.
- Result
Result of the registered action (successful or unsuccessful).
- User
Name of the user that performed the registered action.
- User node
IP address of the node where the registered action was performed.
- Description.
Additional information about the registered action.
When viewing the audit entries table, you can use the configuration, filter, search, and sorting functions.
