User guide
iGuard/inSight User Guide
Release 7.0.0.4
keep them up-to-date.
Audit Log Filtering
If you are an inSight administrator, you will want to maintain control over the system at all times.
The user logs tell you who has logged into each iGuard and when, and each action taken by the
user is recorded. You can also edit the log to focus on specific user activities.
For example, the user log may tell you that user Bob logged on, looked at a report, and did some
searching. Then you may notice that he created or edited a policy, published the new search policy
to an iGuard, and activated it before logging off. From the timing of the information, you may also
be able to figure out whole sequences of activities that may indicate that significant changes have
been made to the system.
Example
Suppose you have noticed that a policy you added to the system is producing unexpected results.
You can consult the log to see if any of your colleagues modified or added rules that may be
gathering additional information.
1. Go to System > User Administration > Audit Logs.
2. Pull down the Timestamp menu under Filter by... and select a period during which
you suspect there may have been modifications.
3. If you know which iGuard is producing the unexpected results, add a filtering category
by selecting the green plus sign.
4. Pull down the filter menu and select Device.
5. Select equal or not equal.
6. Type in the hostname of the machine just as it is listed in the Device column. You can
cut and paste it from the log if you prefer.
7. Repeat the action for any of the other elements listed in the log.
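The same review done offline, as an added example that is not part of the guide or the product: it applies the Timestamp and Device (equal / not equal) filters from the steps above to audit rows, then flags the edit, publish, activate sequence described earlier. Only the Timestamp and Device column names come from the guide; the CSV layout, the User and Action columns, the action names, and the sample rows are constructed assumptions.

```python
import csv, io
from datetime import datetime

# Constructed sample rows. Only Timestamp and Device are column names from the
# guide; User, Action and the action values are assumptions for illustration.
SAMPLE = """Timestamp,User,Device,Action
2024-03-04 09:01:10,bob,iguard-01,login
2024-03-04 09:10:05,bob,iguard-01,edit_policy
2024-03-04 09:12:30,bob,iguard-01,publish_policy
2024-03-04 09:12:55,bob,iguard-01,activate_policy
2024-03-04 09:20:00,alice,iguard-02,edit_policy
2024-03-05 08:00:00,carol,iguard-01,publish_policy
"""
FMT = "%Y-%m-%d %H:%M:%S"
CHAIN = ("edit_policy", "publish_policy", "activate_policy")

def load(text):
    rows = list(csv.DictReader(io.StringIO(text)))
    for r in rows:
        r["Timestamp"] = datetime.strptime(r["Timestamp"], FMT)
    return sorted(rows, key=lambda r: r["Timestamp"])

def filter_rows(rows, start, end, device=None, op="equal"):
    """Timestamp window plus an optional Device equal / not equal filter."""
    lo, hi = datetime.strptime(start, FMT), datetime.strptime(end, FMT)
    keep = []
    for r in rows:
        in_window = lo <= r["Timestamp"] <= hi
        device_ok = device is None or (r["Device"] == device) == (op == "equal")
        if in_window and device_ok:
            keep.append(r)
    return keep

def policy_change_chains(rows):
    """Find edit -> publish -> activate runs by one user on one device."""
    progress, found = {}, []
    for r in rows:
        key = (r["User"], r["Device"])
        step, first = progress.get(key, (0, None))
        if r["Action"] != CHAIN[step]:
            continue  # unrelated action; keep any partial progress
        first = first or r["Timestamp"]
        if step + 1 == len(CHAIN):
            found.append((key[0], key[1], first, r["Timestamp"]))
            progress[key] = (0, None)
        else:
            progress[key] = (step + 1, first)
    return found
```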