Viewing the Audit Log
This functionality is available with the View audit events permission.
To view the Audit Log:
- In the main window of the application web interface, open the management console tree and select the Events section.
- Select the Audit tab.
Event information is displayed as a table.
The table displays a maximum of 5000 events. If a cluster node is unavailable at the moment when Audit Log events are being displayed, events stored on that node are not displayed in the table.
The audit event table displays the following information:
- GUID is the unique global ID of the event.
- Date and time is the date and time when the event occurred. The time zone is the time zone of the node on which the event occurred.
- User IP address is the IP address of the computer from which the event was initiated.
- Node is the IP address and port of the node that processed the event.
- User login is the login of the user that initiated the event.
- Account type is the account type of the KSMG user that initiated the event.
Possible values:
- Local user
- SSO user
- Event type is the type of the event. Possible values are listed in the table below.
- Event is the event that occurred. Possible values are listed in the table below.
Audit events
Event type
Event name
Authentication
Authentication attempted
Rules
Rule created
Rule modified
Rule deleted
Dictionaries
Dictionary created
Dictionary modified
Dictionary deleted
Backup
Sending from Backup started
Sent from Backup
Downloading from Backup started
Downloaded from Backup
Deleting from Backup started
Deleted from Backup
Settings
Protection settings changed
- Event part is the number of the part with information about the event.
- Total event parts is the total number of parts with information about the event.
- Result is the result of the event.
You can sort events in the columns. To do so, click the header of the column in the table.
You can customize the columns in the table by clicking 
.