Configuring Audit Logging

The audit log in Avalanche collects information about actions performed from the Avalanche Console. As part of the data collection, the audit log includes the IP address of each Console that generated a logged event. Configuring audit logging preferences, viewing, and clearing the log can only be performed by an Administrator.

For information on viewing actions in the audit log, see Viewing the Audit Log.

The audit log will store up to 200,000 actions in the database. When 200,000 actions have been stored, Avalanche will move the oldest records to a .csv file in the backup directory and delete them from the database.

You can also archive the audit log at a specific time every day. When the information is archived, it is copied to a .csv file. The .csv file is stored in the same directory where backup files are stored.

The following events can be configured to be logged:

Deployment Package modifications

When a deployment package is modified.

Device Commands

When one of the tools in the Device Details Tools panel is used.

Device Group modifications

When a device group is modified.

Group Location modifications

When a folder is modified.

Region Location modifications

When a region is modified.

Server Location modifications

When a server location is modified.

Profile Application modifications

When a profile is applied, excluded, or removed from a location.

Profile modifications

When a profile is modified.

Scheduled Event, Apply/Synchronize Profiles

When an Apply/Deploy Profiles event has occurred.

Scheduled Event, Deploy/Update Servers

When a Deploy/Update Servers event has occurred.

Scheduled Event, System Backup

When a System Backup event has occurred.

Scheduled Event, System Restore

When a System Restore event has occurred.

Scheduled Event, Uninstall Server

When an Uninstall Server event has occurred.

Scheduled Event, Deployment

When a deployment has occurred.

User Logon/Logoff

When a user logs on or logs off the Avalanche Console.

User modifications

When a user account is modified.

To enable audit logging

1.Click Tools > System Settings.
The System Settings page appears.

2.In the Audit Logging section, click Disabled.
The Audit Log Settings dialog box appears.

3.Click the Enable Audit Logging check box.

4.If you want the audit log archived, click the Enable Audit Log Archiving check box and select the time of day (using a 24-hour clock) you want the log to be archived.

5.From the list, select the check boxes next to the events you want to record.

6.Click Save.