Log Management

+ More

Table of Contents

Overview Folder View Events Filter Panel Log Details Best Practices

Overview

Logging provides a detailed account of all significant user and system events. You can either work with a centralized overview of events in the folder view, or use the User Activity Log and the Asset Activity Log pages for specialized logs.

Folder View

The folder view is split into two sections:

  • The top half shows the content of the folder you are currently in, or information about a selected agent. 
  • The bottom half contains the Events table, where you can review logs for the current folder, as well as subfolders and included items.
Folder View
Folder view

Events

The Events table contains both user and asset activity logs. Items are displayed in chronological order, with the newest events at the top by default. Scroll down to load additional events.

You can refresh the table to view the latest entries.

The table contains information organized in the following columns:

  • Time: The exact timestamp when the event occurred
  • Type: The nature of the event (for example, Session Started, Agent Registered)
  • Target: The machine associated with the action
  • User: The username or user ID associated with the action
  • Description: A simple explanation of what occurred (for example, Access to "Desktop ("ExamplePC\ExampleUser") started)

Filter Panel

Clicking the filter icon (orange funnel) opens an advanced filtering dialog box, allowing you to narrow down the logs. You can filter by:

  • Date (from/to): Set a date range to view logs within a specific time window.
  • User: Filter logs by a specific user.
  • Log type: Focus on specific event categories.

Click Apply to confirm and apply the filters, or Close to exit the filter dialog box without applying changes.

Log Filter window
Log Filter window

Log Details

Clicking any log entry opens a detailed view in JSON format. This is useful for support or advanced debugging.

Some example fields include:

  • source_entity: User or system entity that performed the action.
  • type: Event type such as "users.actions.login".
  • timestamp_ms / written_timestamp: Millisecond precision timestamps.
  • user_name / login / directory_name: Contextual metadata about the event.
  • log_entry_id: Unique identifier for the event.

This detailed view helps correlate backend IDs with user-friendly names, folders, and event metadata.

Log Details
Log Details view

Best Practices

  • Regularly review logs for unauthorized access attempts or unexpected activity.
  • Use filters when auditing specific users or dates.
  • Use the log details view for compliance reporting or technical audits.

Related Articles