Contents

Audit Trail Report

The Audit Trail report shows information about Firebox configuration changes.

This report is available only if log messages with data for this report exist in the specified time frame. To make sure that your Firebox sends log messages required to generate this report , follow the steps to Enable Logging for this Report.

How to Use this Report

Use this report to see the history of Firebox configuration changes, and who made each change.

For this report to show who made each configuration change, each administrative user must log in with a unique Device Administrator account. For information about how to add Device Administrator accounts on the Firebox, see Manage Users and Roles on Your Firebox.

View the Report

This report is available in WatchGuard Cloud and in Dimension.

The Audit Trail report includes a row for each configuration change:

Column Description
Time The date and time the configuration change was saved to the Firebox.
User The name of the administrative user who saved the change.
IP The IP address of the management computer that saved the change.
Message A brief description of what changed.

A single configuration change can trigger other related changes. For example, if an administrator adds or removes a policy, this report can show other related configuration changes to Aliases, Related Hosts, Multi-WAN, and other settings.

Enable Logging for this Report

To collect the data required for this report, in the Logging settings on the Firebox, select the Send log messages when the configuration for this Firebox is changed check box.

For more information about logging settings, see Define Where the Firebox Sends Log Messages.

See Also

WatchGuard Cloud Device Reports

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search