Audit Logs
Your system’s audit logs are available for viewing. Audit logs, as Common Event Format (CEF) audit events, can be sent to ArcSightESM directly for analysis and correlation.
To view audit logs:
-
Click Administration > System Admin.
-
Click Audit Logs in the Logs section.
-
Select the date and time range for which you want to obtain the log.
-
(Optional) To refine the audit log search, specify a string in the Description field and a user name in the User field. When a string is specified, only logs whose Description field contains the string are displayed. Similarly, when a user is specified, only logs whose User field contains the username are displayed.
-
Click Search.