Enterprise Recon 2.6.0

Operation Log

The Operation Log captures all remedial, access control PRO and classification PRO actions taken on a given Target.

Operation Log displaying the details for remediation and access control actions taken on MY-DEBIAN-MACHINE.

There are several ways to view the Operation Logs for a Target.

Targets

  1. Log in to the ER2 Web Console.
  2. Go to the Targets page.

  3. Expand the group your Target resides in.

  4. Hover over the Target and click on the gear Enterprise Recon 2.1 options gear icon. icon.

  5. Select View Operation Log from the drop-down menu.

Investigate

  1. Log in to the ER2 Web Console.
  2. Go to the Investigate page.

  3. Hover over the Target and click on the gear Enterprise Recon 2.1 options gear icon. icon.

  4. Select Operation Log from the drop-down menu.

Each operation log entry contains the following information:

Property Description
Location Location of file where the remediation, access control or classification action was taken.
User User that performed the remediation, access control or classification action.
Operation Status of the most recent remediation, access control or classification action for the location.
Match Count The number of matches in the file. Only applicable for remediation actions.
Timestamp Month, day, year, and time of the remediation, access control or classification event.
Sign-off Text entered into the Sign-off field when the remediation, access control or classification action was taken.
ER2 uses two properties to log the source of the action: the Sign-off, and the name of the user account used.

You can modify or download the displayed list of operation logs using the following features:

Feature Description
Filter By... > Date Set a range of dates to only display logs from that period.
Filter By... > User Display only remediation, access control and classification events from a particular user account. Use the following format for
  • Manually added users: <username>
  • Users imported using the Active Directory Manager: <domain>\<username>
Reverse order By default, the logs display the newest remediation, access control or classification event first; uncheck this option to display the oldest event first.
↺ Reset Filters Click this to reset filters applied to the logs.
Export Log Saves the filtered results of the operation log to a CSV file.

Select the Include access control details checkbox to include information related to access control operations in the exported operation log.


PRO This feature is only available in Enterprise Recon PRO Edition. To find out more about upgrading your ER2 license, please contact Ground Labs Licensing. See Subscription License for more information.