Audit Logs
Table of Contents
Expand all | Collapse all
-
-
- Configure Circuits
- Configure Internet Circuit Underlay Link Aggregation
- Configure Private WAN Underlay Link Quality Aggregation
- Configure Circuit Categories
- Configure Device Initiated Connections for Circuits
- Add Public IP LAN Address to Enterprise Prefixes
- Manage Data Center Clusters
- Configure a Site Prefix
- Configure a DHCP Server
- Configure NTP for Prisma SD-WAN
- Enable IoT Device Visibility in Prisma SD-WAN
- Configure the ION Device at a Branch Site
- Configure the ION Device at a Data Center
- Switch a Site to Control Mode
- Allow IP Addresses in Firewall Configuration
-
- Configure a Controller Port
- Configure Internet Ports
- Configure WAN/LAN Ports
- Configure a Loopback Interface
- Prisma SD-WAN Standard VPN
- Configure a PoE Port
- Configure and Monitor LLDP Activity and Status
- Configure a PPPoE Interface
- Configure a Layer 3 LAN Interface
- Configure Application Reachability Probes
- Configure a Secondary IP Address
- Configure a Static ARP
- Configure a DHCP Relay
- Configure IP Directed Broadcast
- VPN Keep-Alives
-
- Configure Prisma SD-WAN IPFIX
- Configure IPFIX Profiles and Templates
- Configure and Attach a Collector Context to a Device Interface in IPFIX
- Configure and Attach a Filter Context to a Device Interface in IPFIX
- Configure Global and Local IPFIX Prefixes
- Flow Information Elements
- Options Information Elements
- Configure the DNS Service on the Prisma SD-WAN Interface
- Configure SNMP
-
-
- Prisma SD-WAN Branch Routing
- Prisma SD-WAN Data Center Routing
-
- Configure Multicast
- Create a WAN Multicast Configuration Profile
- Assign WAN Multicast Configuration Profiles to Branch Sites
- Configure a Multicast Source at a Branch Site
- Configure Global Multicast Parameters
- Configure a Multicast Static Rendezvous Point (RP)
- Learn Rendezvous Points (RPs) Dynamically
- View LAN Statistics for Multicast
- View WAN Statistics for Multicast
- View IGMP Membership
- View the Multicast Route Table
- View Multicast Flow Statistics
- View Routing Statistics
- Prisma SD-WAN Incident Policies
-
- Prisma SD-WAN Branch HA Key Concepts
- Configure Branch HA
- Configure HA Groups
- Add ION Devices to HA Groups
- View Device Configuration of HA Groups
- Edit HA Groups and Group Membership
-
- Configure Branch HA with Gen-1 Platforms (2000, 3000, 7000, and 9000)
- Configure Branch HA with Gen-2 Platforms (3200, 5200, and 9200)
- Configure Branch HA with Gen-2 Embedded Switch Platforms (1200-S or 3200-L2)
- Configure Branch HA for Devices with Software Cellular Bypass (1200-S-C-5G)
- Configure Branch HA for Platforms without Bypass Pairs
- Prisma SD-WAN Clarity Reports
-
- Native SASE Integration with Prisma SD-WAN
- Connect a Single Prisma SD-WAN Site to Prisma Access
- Connect Multiple Prisma SD-WAN Sites to Prisma Access
- Edit Application Policy Network Rules
- Understand Service and Data Center Groups
- Verify Standard VPN Endpoints
- Configure Standard Groups
- Assign Domains to Sites
- Prisma SD-WAN Incidents and Alerts
Audit Logs
Let us learn about audit logs in
Prisma SD-WAN
.Audit
logs are
available through the Prisma SD-WAN
web interface and provide records
of administrators' configuration changes in a system. You can use
these logs for compliance and troubleshooting purposes. They provide
logs on changes made, owner of the change, time of change, and the
scope of the change at a site, system, or a subset of sites. You may filter the audit logs by time range with the capability
to go back in time by at least six months, by site, device, and
type such as security, network policy, system administration, and
users. The
Audit
logs provide details on
the number of attempted logins to an enterprise portal by a specific
user from a particular IP address with information on all successful
and failed attempts. Users will have a view of all system changes
and access attempts. Audit logs auto-expire after two years, although the last two
actions carried out on any resource are kept forever. They are accessible
to the ROOT, SUPER, and IAM ADMIN user roles. Custom roles with
GET and POST permissions for the audit log resource may access these
logs.
Audit logs support Regex queries and compare versions by rewinding
or fast-forwarding to earlier or later versions and keeping a version
static while changing the other version. You can access the audit
logs from the
System
tab on the Prisma SD-WAN
web interface as well as directly from resources, such as sites,
devices, SNMP traps, Syslog exports, NTP clients, server, BGP, static
route, interface configuration, policy rule, policy set, stacked
policy prefix, custom application, application override configuration, network
contexts, circuit categories, IPSec profiles, Policies (Original),
zones, and prefix filters. You can export audit logs CSV files through
the Audit
log menu.