Remediation Activity Logs

You can proactively monitor incident remediation logs to track activity. These logs are useful for auditing the progress of automatic remediation and tracking how incidents were addressed. The logs include actions taken automatically by the Aperture service and actions taken by users and administrators.
  1. Select ReportsRemediation Activity.
    po-remediation-log.png
  2. To filter the list and narrow the results to meet your audit needs, search or use the following facets:
    • Date —Time frame when the remediation activity occurred. For example: past day, past week, past month, or past year.
    • Any Action Taken—Remediation action taken on the asset, including Direct Public Link Removed, Inherited Public Link Removed, User Quarantine, Admin Quarantine, Deleted, Restored, Email Sent, No Reason, Business Justified or Misidentified.
    • All Rules—Policy rule used to discover the risk.
    • Any Action Taker—The user (or service) that performed the action. Choose Aperture to view remediation activity that was done automatically as part of a policy rule.
    • Search—Find an item using part of a filename or user name.
  3. Click the csv-export.png icon to download the logs as a comma-separated values (CSV) file. You can then open the CSV file in a spreadsheet application to review the remediation activity logs offline.

Related Documentation