Audit Log

If you need to see what has been happening within dope.swg console, then go to the Audit Log. The Audit Log works as a log of actions that have occurred within an account over the last 30 days.

To view the Audit Log go to Settings -> Audit Log

Audit Log Actions

The Audit Log will report on the following dope.swg console events

Settings

Admin Management

  • New Admins

  • Admin Removal

  • Logins

  • Logout

User/Group Updates

  • Initial import — No. of users/groups added/removed

  • Delta import — No. of users/groups added/removed

  • Errors — update user/group fails e.g. authorization failure

Endpoint Configuration

  • Anti-uninstall password configured/changed

  • Fail closed ON/OFF

OIDC Configuration

  • OIDC Configuration enabled/disabled

  • Config update i.e. domains edited

Block Pages Updates

  • New custom page added/deleted/changed

Security Information and Event Management (SIEM) Integration

  • SIEM Integration enabled/disabled

Policy

  • Policy created/deleted/updated

Cloud App Control (CAC) Policy Updates

Application and Domain Bypass Updates

Policy Assignments

  • User/group assigned to a policy

  • Policy Clashes i.e. a user(s) associated with two groups assigned to different policies

Endpoint Manager

  • New endpoint registered with the dope.cloud

  • Endpoint uninstalled

  • Dormant endpoint deleted after 35 days

  • Admin enabled endpoint to Debug Mode

  • Admin disabled endpoint from Debug Mode

Analytics

  • Export to CSV

Audit Log Format

As well as recording the action, the log will record the admin responsible for the action and the timestamp for the action.

Audit Log Search

Search by action

You have the option of searching by email or by specific action. When selecting the search icon, different groups of actions will appear as a dropdown.

Select the type of Audit group action to search. On selection, a deeper breakdown of actions will be presented specific to the group.

For example, selecting the group Policy will result in the following Audit Log Actions to be presented:

Selecting the Action from the list will filter the Audit Log to show only these actions.

Search by time

On the left-hand side of the Audit Log, there’s a date widget showing the last 30 days.

Selecting a specific date will scroll the Audit Log’s position to that date, providing an easy way to jump to a date where an action of interest may have happened.

PreviousImporting from GoogleNextSIEM Integration

Last updated