Configuring Audit Logging
The audit log in Avalanche collects information about actions performed from the Avalanche Console. As part of the data collection, the audit log includes the IP address of each Console that generated a logged event. Configuring audit logging preferences, viewing, and clearing the log can only be performed by an Administrator.
For information on viewing actions in the audit log, see Viewing the Audit Log.
The audit log will store up to 200,000 actions in the database. When 200,000 actions have been stored, Avalanche will move the oldest records to a .csv file in the backup directory and delete them from the database.
You can also archive the audit log at a specific time every day. When the information is archived, it is copied to a .csv file. The .csv file is stored in the same directory where backup files are stored.
The following events can be configured to be logged:
|
Deployment Package modifications |
When a deployment package is modified. |
|
Device Commands |
When one of the tools in the Device Details Tools panel is used. |
|
Device Group modifications |
When a device group is modified. |
|
Device Folder modifications |
When a folder is modified. |
|
Neurons commands |
If you are using the Ivanti Neurons Avalanche engine, commands sent from Ivanti Neurons. |
|
Region modifications |
When a region is modified. |
|
Profile Application modifications |
When a profile is applied, excluded, or removed from a location. |
|
Profile modifications |
When a profile is modified. |
|
Scheduled Event, Deployment |
When a deployment has occurred. |
|
Scheduled Event, Device reboot |
When a scheduled device reboot has occurred. |
|
User Logon/Logoff |
When a user logs on or logs off the Avalanche Console. |
|
User modifications |
When a user account is modified. |
To enable audit logging
1.Click Tools > System Settings.
The System Settings page appears.
2.In the Audit Logging section, click Disabled.
The Audit Log Settings dialog box appears.
3.Click the Enable Audit Logging check box.
4.If you want the audit log archived, click the Enable Audit Log Archiving check box and select the time of day (using a 24-hour clock) you want the log to be archived.
5.From the list, select the check boxes next to the events you want to record.
6.Click Save.