ThreatSync+ NDR Network Audit Logs
Applies To: ThreatSync+ NDR
This feature is only available to participants in the ThreatSync+ NDR Beta program.
The Network Audit Logs page shows details of any configuration activity performed for ThreatSync+ NDR policies and zones on your network. You can use the information in this page to identify which users made changes to your ThreatSync+ NDR configuration.
ThreatSync+ NDR network audit logs do not appear on the Audit Logs page in WatchGuard Cloud. For more information, go to See Audit Logs.
To open the Network Audit Logs page:
- Select Monitor > ThreatSync+ NDR > Network Audit Logs.
The Network Audit Logs page opens.
Policies
The Policies tab opens by default and shows a list of all configuration history related to ThreatSync+ NDR policy changes.
To view details about the policy activity, click a row to expand it. For example, if an operator changed the status of a policy from Not Active to Live, it shows in the log history.
To view policy details, refine policy options, or add comments, click the name of the policy. For more information, go to Configure ThreatSync+ NDR Policies.
Zones
The Zones tab shows details of zone configuration history changes.
Expand each zone configuration history to view more details.
To manage zones, click the zone name. For more information, go to Manage ThreatSync+ NDR Zones.
Smart Alerts
The Smart Alerts tab shows details of Smart Alert audit logs.
To view details about the Smart Alert audit log history, click a row to expand it. For example, if an operator selects or clears the Include similar Smart Alerts check box when closing a Smart Alert, it shows in the log history. For more information, go to Review Smart Alert Details.