Filter Logs on Traps Management Service
To quickly locate endpoint or server logs that match specific attributes, you can apply custom filters from the
Filtersmenu at the top of the
Logspage. By default, Traps management service applies the
Last 30 daysfilter to display only logs that occurred during the last 30 days. You can change the time frame and filter logs using the following additional attributes that are associated with individual log entries:
- Time period—Filters logs that match a predefined or custom period of time. To change the time period to something other than the defaultLast 30 days, select an alternate time period from the drop down:Last 24 hours,Last 7 days, orLast 3 Months. You can also define aCustomdate or date range.
- Endpoint Name—(Endpoint logs only) Filters logs matching a full or partial endpoint hostname or alias. The Traps management service filters the logs by the name as you type.
- Category—(Management Service logs only) Filters logs matching one or more categories (subclasses) which identifies the log type. Traps management service filters the logs by the categories you select.
- Severity—Filters logs matching one or more severity levels:Critical,High,Medium,Low, orInfo.
- Type—Filters logs one or more log types. To help you identify the full name of a log type, you can enter a full or partial string to narrow the list. The Traps management service filters the of logs as you select the log types.
- From Traps management service, select.MonitorLogs
- Select eitherEndpointto view logs reported for your endpoints, orManagement Serviceto view server logs for Traps management service.
- Add one or moreFiltersto filter the logs by the criteria you specify.
- Pin ( ) any filters you want to persist the next time you log in to Traps management service.At any time, you canCLEAR FILTERSto clear all manually applied filters or return to theFiltersmenu to clear individual filters.
Assess Security Events
Assess Security Events Traps management service ranks all events in order of severity so you can quickly see the most important events when you log ...
Filter the Endpoints
Filter the Endpoints From Traps management service, you can view all endpoints that have registered with Traps management service. To reduce the number of results ...
Investigate a File
Investigate a File Each time a file attempts to run on a Mac or Windows endpoint, Traps logs the event and reports it to Traps ...
Custom Filters Example: Traps Logs
Log Forwarding Filters for Traps Logs Here are some examples of custom filters that you can build to forward Traps logs. See the Traps log ...
Retrieve Logs from an Endpoint
Retrieve Logs from an Endpoint From the details view of an endpoint, you can initiate a request to retrieve all logs from an endpoint. You ...
Scan an Endpoint for Malware
Scan an Endpoint for Malware In addition to blocking the execution of malware, Traps can scan your Windows endpoints and attached removable drives for dormant ...
View Logs from Traps Management Service
View Logs from Traps Management Service You can view the different log types on Traps management service in a tabular format. The logs on Traps ...
View and Manage Logs
View and Manage Logs A log is an automatically generated, timestamped file that provides an audit trail for system events on Traps management service or ...