Enterprise Recon 2.3.1
Operation Log
The Operation Log captures all remedial and access control actions taken on a given Target.
There are several ways to view the Operation Logs for a Target.
Targets
- Log into the ER2 Web Console.
-
Go to the Targets page.
-
Expand the group your Target resides in.
-
Hover over the Target and click on the gear icon.
- Select View Operation Log from the drop-down menu.
Investigate
- Log into the ER2 Web Console.
-
Go to the Investigate page.
-
Hover over the Target and click on the gear icon.
- Select Operation Log from the drop-down menu.
Target Details
- Log into the ER2 Web Console.
- Go to the Target Details page.
- Click the Operation Log button.
Each operation log entry contains the following information:
Property | Description |
---|---|
Location | Location of file where the remediation or access control action was taken. |
User | User that performed the remediation or access control action. |
Operation | Status of the most recent remediation or access control action for the location. |
Match Count | The number of matches in the file. Only applicable for remediation actions. |
Timestamp | Month, day, year, and time of the remediation or access control event. |
Sign-off | Text entered into the Sign-off field when the remediation or access control action was taken.
ER2 uses two properties to log the source of remedial action: the Sign-off, and the name of the user account used. The name of the user account used for remediation is not displayed in the Remediation Logs, but is still recorded and searchable in the Filter by… panel.
|
You can modify or download the displayed list of operation logs using the following features:
Feature | Description |
---|---|
Filter By... > Date | Set a range of dates to only display logs from that period. |
Filter By... > User | Display only remediation and access control events from a particular user account. Use the following format for
|
Reverse order | By default, the logs display the newest remediation or access control event first; uncheck this option to display the oldest event first. |
↺ Reset Filters | Click this to reset filters applied to the logs. |
Export Log | Saves the filtered results of the operation log to a CSV file. |