Configuring Audit Logging

The audit log in Avalanche collects information about actions performed from the Avalanche Console. As part of the data collection, the audit log includes the IP address of each Console that generated a logged event. Configuring audit logging preferences, viewing, and clearing the log can only be performed by an Administrator.

For information on viewing actions in the audit log, see Viewing the Audit Log.

The audit log will store up to 200,000 actions in the database. When 200,000 actions have been stored, Avalanche will move the oldest records to a .csv file in the backup directory and delete them from the database.

You can also archive the audit log at a specific time every day. When the information is archived, it is copied to a .csv file. The .csv file is stored in the same directory where backup files are stored.

The following events can be configured to be logged:

Deployment Package modifications

When a deployment package is modified.

Device Commands

When one of the tools in the Device Details Tools panel is used.

Device Group modifications

When a device group is modified.

Device Folder modifications

When a folder is modified.

Neurons commands

If you are using the Ivanti Neurons Avalanche engine, commands sent from Ivanti Neurons.

Region modifications

When a region is modified.

Profile Application modifications

When a profile is applied, excluded, or removed from a location.

Profile modifications

When a profile is modified.

Scheduled Event, Deployment

When a deployment has occurred.

Scheduled Event, Device reboot

When a scheduled device reboot has occurred.

User Logon/Logoff

When a user logs on or logs off the Avalanche Console.

User modifications

When a user account is modified.

To enable audit logging

1.Click Tools > System Settings.
The System Settings page appears.

2.In the Audit Logging section, click Disabled.
The Audit Log Settings dialog box appears.

3.Click the Enable Audit Logging check box.

4.If you want the audit log archived, click the Enable Audit Log Archiving check box and select the time of day (using a 24-hour clock) you want the log to be archived.

5.From the list, select the check boxes next to the events you want to record.

6.Click Save.